92073c6ef07dfa44109e520444993bfb3027c25f72da2cefaeb210f3b4efaed7

Sharing

Copy URL

Twitter E-mail

General

Target

92073c6ef07dfa44109e520444993bfb3027c25f72da2cefaeb210f3b4efaed7
Size

284KB
MD5

b625c7d6b0756e85c7eee45237721800
SHA1

fd538a42a57d298390a9f7a9efb1624c69c124a7
SHA256

92073c6ef07dfa44109e520444993bfb3027c25f72da2cefaeb210f3b4efaed7
SHA512

0f179de8ffaba08008d5c30220b9bd136131b4b450643f3e55bf4b38c34e2bdbcea4d95539be2fde233c673bcd089a6c296071c030babef5e870e81983e8f602
SSDEEP

6144:JAvZL3PV+kzEBsCnxWCawjCw+rbwXESS+RfLN/vImaBW8:mt3gZnxlArbwvRxZ8

Score

N/A

Malware Config

Signatures

Files

92073c6ef07dfa44109e520444993bfb3027c25f72da2cefaeb210f3b4efaed7
.dll regsvr32 windows x86

8001594ba3d3d80a69e1f35ccdbd637e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_beginthreadex
_wcsicmp
wcscmp
iswdigit
_wtoi
wcsncmp
wcsrchr
wcsstr
wcschr
wcspbrk
wcslen
_vsnwprintf
_wtol
_wcsnicmp
iswspace
memmove
towupper
_snwprintf
wcsncpy
_except_handler3
_onexit
__dllonexit
_adjust_fdiv
_initterm
??2@YAPAXI@Z
realloc
??3@YAXPAX@Z
free
malloc

kernel32

GetFileAttributesA
GetFileAttributesW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
lstrcpynW
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
lstrcmpiA
lstrcmpiW
IsBadWritePtr
GetVersionExW
GetWindowsDirectoryW
GetShortPathNameA
GetShortPathNameW
CompareStringW
GetDriveTypeA
GetDriveTypeW
QueryDosDeviceA
QueryDosDeviceW
CloseHandle
DeviceIoControl
GetVersion
SetErrorMode
GetExitCodeThread
WaitForSingleObject
FindResourceW
FindResourceA
CreateFileW
CreateFileA
CompareStringA
SetLastError
GetModuleHandleA
GetWindowsDirectoryA
lstrlenW
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LoadResource
SizeofResource
lstrlenA
GetLastError
MultiByteToWideChar
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetProcAddress
DisableThreadLibraryCalls
FreeLibrary

user32

RegisterWindowMessageA
CharNextW
CharNextA
SendMessageA

advapi32

RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegCloseKey
RegDeleteKeyA
RegEnumValueW
RegEnumValueA
RegCreateKeyExW
RegCreateKeyExA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysStringLen
SysAllocString
SysAllocStringLen
VarUI4FromStr
SysFreeString

mpr

WNetCancelConnection2W
WNetGetConnectionW
WNetGetConnectionA
WNetAddConnection2W

shlwapi

PathGetCharTypeW
PathGetCharTypeA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8001594ba3d3d80a69e1f35ccdbd637e

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

ole32

oleaut32

mpr

shlwapi

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.data Size: 180KB - Virtual size: 184KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 80KB - Virtual size: 76KB

.data
Size: 180KB - Virtual size: 184KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 10KB