ce80e63155abab0f1a3fe67798c1080a07974f021be15fbd92f2853c16c6e0c3

Sharing

Copy URL Twitter E-mail

General

Target

ce80e63155abab0f1a3fe67798c1080a07974f021be15fbd92f2853c16c6e0c3
Size

344KB
MD5

7c6d00cd26892715bb05407a4b02f6d0
SHA1

144ffb98ddfe2d70ea5cb68a05850cb94eca067d
SHA256

ce80e63155abab0f1a3fe67798c1080a07974f021be15fbd92f2853c16c6e0c3
SHA512

d716cdc172fc7375fb464657a0c35ce47299580951bd7103f2f4a5325e9169577bc60093c1f2213a52912e9ee22cb5870a52a982191ba708dafc57dfa3525dcf
SSDEEP

6144:n2Usb0jPAv/FTgh7f4RhrNozVrzbSZzvw2VfgTLgAfaVttSHm:n2EjPAXFy4hrNwV7SZzvPVk8G2t+m

Score

N/A

Malware Config

Signatures

Files

ce80e63155abab0f1a3fe67798c1080a07974f021be15fbd92f2853c16c6e0c3
.dll regsvr32 windows x86

f2ae3f31ce2088ec4f0ad5fb41eede71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_i64tow
_wcsicmp
__CxxFrameHandler
_CxxThrowException
_snwprintf
_except_handler3
?terminate@@YAXXZ
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
wcstol
_wtol
localeconv
wcsspn
wcsncmp
_itow
memmove
strncpy
sprintf
wcscpy
wcscmp
swprintf
_purecall
wcsncpy
_wcsnicmp
iswspace
wcschr
towlower
_ltow
wcslen

kernel32

CreateFileA
GetFileTime
GetFileType
CreateFileW
GetVersion
GetSystemTimeAsFileTime
GetModuleFileNameA
IsBadCodePtr
FreeLibrary
LocalFree
GetUserDefaultLCID
InterlockedDecrement
InterlockedIncrement
GetFullPathNameW
FormatMessageW
LocalAlloc
FormatMessageA
LoadLibraryExA
MultiByteToWideChar
CompareFileTime
CloseHandle
IsBadWritePtr
DisableThreadLibraryCalls
GetVersionExA
IsDBCSLeadByteEx
GetLastError
WideCharToMultiByte
GetCPInfo

user32

LoadStringW
LoadStringA
wsprintfA

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA

ole32

CoGetMalloc
CoTaskMemFree
CoGetClassObject
CoCreateInstance

oleaut32

VariantClear
SetErrorInfo
GetErrorInfo
SysStringByteLen
VariantInit
SysAllocStringLen
CreateErrorInfo
SysAllocString
SysStringLen
SysAllocStringByteLen
SysFreeString

msdart

??1CSmallSpinLock@@QAE@XZ
mpMalloc
?WriteUnlock@CSmallSpinLock@@QAEXXZ
?WriteLock@CSmallSpinLock@@QAEXXZ
MpHeapAlloc
MpHeapReAlloc
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
?WriteLock@CReaderWriterLock2@@QAEXXZ
mpRealloc
FXMemDetach
FXMemAttach
MpGetHeapHandle
mpFree

msdatl3

?Release@CClassFactory@@UAGKXZ
??1CClassFactory@@QAE@XZ
??0CClassFactory@@QAE@PAJ0@Z
?QueryInterface@CClassFactory@@UAGJABU_GUID@@PAPAX@Z
?AddRef@CClassFactory@@UAGKXZ
?LockServer@CClassFactory@@UAGJH@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
ExecuteToStream

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f2ae3f31ce2088ec4f0ad5fb41eede71

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

ole32

oleaut32

msdart

msdatl3

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 162KB

.data Size: 12KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 8KB

.text Size: 148KB - Virtual size: 148KB

.text
Size: 164KB - Virtual size: 162KB

.data
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 148KB - Virtual size: 148KB