b851ce8495467ba5c194d6a6468ac364fe0ff3a2dde3ed4691d5b0b106962cf0

Sharing

Copy URL Twitter E-mail

General

Target

b851ce8495467ba5c194d6a6468ac364fe0ff3a2dde3ed4691d5b0b106962cf0
Size

900KB
MD5

31a8ca4ab20c9f907481a583caa34aa0
SHA1

ddd57789a5194def320725fb9b5a7d285cb04a95
SHA256

b851ce8495467ba5c194d6a6468ac364fe0ff3a2dde3ed4691d5b0b106962cf0
SHA512

4785db5f3e290b754534da7979aa782883e45c311436370424cca5cf6d8de32b5773f749cbbc5abd60ced6d4430e19936c9b9a85d44d6ee8ebb4f9d29600412e
SSDEEP

24576:D+djM/bMRoXQ7Wuw+je+3aJUIZ/9KqtWN268mqd82aDB0H:+nooB

Score

N/A

Malware Config

Signatures

Files

b851ce8495467ba5c194d6a6468ac364fe0ff3a2dde3ed4691d5b0b106962cf0
.dll regsvr32 windows x86

8be1e71135249182f5f05114ab9256cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GetModuleFileNameA
GetModuleFileNameW
CreateEventA
CreateEventW
lstrlenA
WaitForSingleObject
CreateFileA
CreateFileW
GetFileInformationByHandle
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
LockFileEx
UnlockFileEx
DuplicateHandle
GetCurrentProcess
InterlockedIncrement
InterlockedDecrement
ReleaseMutex
DeleteFileA
DeleteFileW
CreateDirectoryA
CreateDirectoryW
GetFileAttributesA
GetFileAttributesW
CreateMutexA
CreateMutexW
OpenEventA
InterlockedExchange
ReleaseSemaphore
CreateSemaphoreA
GetThreadPriority
GetQueuedCompletionStatus
GetSystemInfo
CreateIoCompletionPort
WaitForMultipleObjects
PostQueuedCompletionStatus
SetThreadPriority
lstrcmpiA
IsDBCSLeadByte
lstrcpynA
HeapDestroy
lstrcpyA
lstrcatA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetShortPathNameA
MoveFileA
MoveFileW
CreateFileMappingA
CreateFileMappingW
CompareStringA
CompareStringW
UnmapViewOfFile
MapViewOfFile
GetFileSize
GlobalMemoryStatus
GetModuleHandleA
SystemTimeToFileTime
GetSystemTime
LoadLibraryA
GetFullPathNameW
GlobalUnlock
GlobalLock
Sleep
SetLastError
IsValidLocale
LoadLibraryExW
FindResourceExA
FindResourceExW
LockResource
OpenProcess
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsSetValue
GetCommandLineA
HeapFree
HeapAlloc
ExitThread
TlsGetValue
CreateThread
HeapReAlloc
ExitProcess
TlsFree
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
VirtualProtect
VirtualQuery
LCMapStringA
LCMapStringW
VirtualAlloc
RtlUnwind
GetACP
GetOEMCP
GetCPInfo
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetVersionExA
LoadLibraryW
GetUserDefaultLangID
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetLastError
WideCharToMultiByte
GetTickCount
ResetEvent
SetEvent
CloseHandle
CreateProcessA
DeleteCriticalSection
InitializeCriticalSection
IsBadCodePtr
LeaveCriticalSection
EnterCriticalSection
IsBadReadPtr
GetFullPathNameA
IsBadWritePtr

user32

GetDlgItem
wsprintfA
SendMessageA
LoadStringA
DefWindowProcA
EnableWindow
EndDialog
GetWindowLongA
SetFocus
DialogBoxParamA
SetCursor
SetWindowLongA
GetFocus
IsWindow
UnregisterClassA
DispatchMessageA
DestroyWindow
PostMessageA
RegisterClassA
CreateWindowExA
CharNextA
FindWindowA
SetTimer
KillTimer
SetWindowTextA
SendMessageTimeoutA
PeekMessageA
MsgWaitForMultipleObjects
LoadCursorA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyExW
RegQueryValueExA
RegQueryValueExW
RegCloseKey
RegDeleteKeyA
RegDeleteKeyW
RegEnumKeyExA
RegEnumKeyExW
RegDeleteValueA
RegDeleteValueW
RegEnumValueA
RegEnumValueW
RegSetValueExA
RegSetValueExW
RegQueryInfoKeyA
GetUserNameA
GetUserNameW
RegOpenKeyExW

ole32

CoInitializeEx
CoUninitialize
CoTaskMemRealloc
CLSIDFromProgID
GetHGlobalFromStream
StringFromGUID2
CoCreateGuid
CLSIDFromString
CreateStreamOnHGlobal
StringFromIID
IIDFromString
StringFromCLSID
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoDisconnectObject

oleaut32

SafeArrayAccessData
SafeArrayUnaccessData
VariantClear
SysAllocString
SafeArrayCreateVector
VarUI4FromStr
SafeArrayRedim
RegisterTypeLi
SysStringLen
LoadRegTypeLi
VariantInit
SysAllocStringLen
VariantCopy
VarDecRound
SysFreeString
LoadTypeLi
VariantChangeType

winmm

waveInAddBuffer
waveInPrepareHeader
waveInUnprepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutPrepareHeader
mixerGetID
mixerClose
mixerOpen
waveInGetNumDevs
waveOutGetNumDevs
waveOutGetDevCapsA
waveOutGetDevCapsW
waveInGetDevCapsA
waveInGetDevCapsW
waveInReset
waveInStop
waveInStart
waveInOpen
waveInClose
waveOutReset
waveOutPause
waveOutRestart
waveOutOpen
waveOutClose
waveOutGetPosition
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails
mmioClose
mmioSeek
mmioRead
mmioWrite
mmioDescend
mmioAscend
mmioCreateChunk
mmioOpenA
mmioOpenW

shlwapi

ord437

urlmon

URLOpenBlockingStreamW

msacm32

acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamSize
acmStreamOpen
acmStreamClose
acmFormatSuggest

shfolder

SHGetFolderPathW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RunSapiServer

Sections

.text
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8be1e71135249182f5f05114ab9256cc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

winmm

shlwapi

urlmon

msacm32

shfolder

version

Exports

Exports

Sections

.text Size: 488KB - Virtual size: 487KB

.data Size: 184KB - Virtual size: 188KB

.rsrc Size: 196KB - Virtual size: 195KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 488KB - Virtual size: 487KB

.data
Size: 184KB - Virtual size: 188KB

.rsrc
Size: 196KB - Virtual size: 195KB

.reloc
Size: 28KB - Virtual size: 27KB