aedefea4d61a1f2018ef5003d6f808cd1a4f082a92b46a06dfe239b13fa167b5

Sharing

Copy URL

Twitter E-mail

General

Target

aedefea4d61a1f2018ef5003d6f808cd1a4f082a92b46a06dfe239b13fa167b5
Size

188KB
MD5

cef8d2e57c48305ad581c875b3d447a0
SHA1

19cbbd1d2b7c4e0e2e50ccb1ac7db2ebd54ffeba
SHA256

aedefea4d61a1f2018ef5003d6f808cd1a4f082a92b46a06dfe239b13fa167b5
SHA512

a7f7ff2e492dd26f301cbd47d7cb40b17e327c0fa59c2e1272f7bccfe5f03a30b7067a1650c95799e973930b4bcb818418a59fdfb14b4bb01f34717510d8f1ee
SSDEEP

3072:OlUbErrX1nJDWhTXJ25kj8rG47fjjEbfSgzY3aisRFBJ2yh5/8OTUvRAsyyASP4t:LEHX1nJmofjjEb6DacAo9yGwxoVU

Score

N/A

Malware Config

Signatures

Files

aedefea4d61a1f2018ef5003d6f808cd1a4f082a92b46a06dfe239b13fa167b5
.dll regsvr32 windows x86

15cb52c1ab25fee752fbce948a5392ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
WSAStartup
socket
setsockopt
ioctlsocket
connect
select
__WSAFDIsSet
shutdown
recv
WSASetLastError
htons
getservbyname
htonl
closesocket
WSACleanup
getservbyport
ntohs
gethostbyaddr
inet_ntoa
gethostbyname
WSAGetLastError
send

kernel32

GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
Sleep
HeapFree
VirtualAlloc
HeapAlloc
GetProcessHeap
ReadFile
SetFilePointer
GetFileSize
GetFileTime
CreateFileA
CreateFileW
VirtualQuery
lstrlenA
FreeLibrary
GetSystemInfo
LoadLibraryA
GetSystemDirectoryA
lstrlenW
lstrcmpiA
VirtualFree
CloseHandle
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
GetModuleFileNameA
IsDBCSLeadByte
LoadLibraryExA
GetModuleHandleA
SetThreadLocale
GetThreadLocale
FormatMessageW
FormatMessageA
HeapReAlloc
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
VirtualProtect
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetProcAddress
GetVersionExA
GetACP
GetLocaleInfoA
HeapSize
lstrcmpA
IsDebuggerPresent
DebugBreak

mkzlib

inflate
inflateReset
inflateInit_
inflateEnd

mkunicode

Utf16ToUtf8
Utf8ToUtf16

user32

UnregisterClassA
CharNextA

advapi32

RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCreateKeyExW
RegQueryValueExW
RegDeleteKeyA

ole32

CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc

oleaut32

SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
SafeArrayUnaccessData
SysAllocStringLen
VariantClear
VariantInit
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
VariantChangeType
SysFreeString

rpcrt4

UuidToStringA
RpcStringFreeA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

15cb52c1ab25fee752fbce948a5392ab

Headers

File Characteristics

Imports

ws2_32

kernel32

mkzlib

mkunicode

user32

advapi32

ole32

oleaut32

rpcrt4

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text Size: 89KB - Virtual size: 92KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 89KB - Virtual size: 92KB