38a08b8d0955bb5be9bd5b206e279f587cc0293525702805b54b776be74f69ba

Sharing

Copy URL Twitter E-mail

General

Target

38a08b8d0955bb5be9bd5b206e279f587cc0293525702805b54b776be74f69ba
Size

260KB
MD5

310a808d7f9f9f16e86cec430345e820
SHA1

d34f2334e8029174e6c1d9a224c69246ba930f3c
SHA256

38a08b8d0955bb5be9bd5b206e279f587cc0293525702805b54b776be74f69ba
SHA512

fdf91fc27e18d96e1816b2cf32c641f3974cd575e4721f6f66914c70da0618d52b65b3e8489b35b867b09c86ccaa35aecfeded9b06d59d347a6f7ae9f36a3879
SSDEEP

6144:KwmoXLjIT3u0b0+d++NZ4x3EyXxrH0aRg5oEgB3nfVsZ7cEG:FmoXLjavQ+d++haR2oEG8c

Score

N/A

Malware Config

Signatures

Files

38a08b8d0955bb5be9bd5b206e279f587cc0293525702805b54b776be74f69ba
.dll regsvr32 windows x86

76f96eda95bb3434cecc0e71004b887d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathFindExtensionA

kernel32

WideCharToMultiByte
GetLastError
GetCPInfo
GetACP
MultiByteToWideChar
FreeLibrary
IsDBCSLeadByte
lstrcmpiA
lstrcpynA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
RaiseException
lstrlenA
lstrlenW
lstrcatA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
IsBadWritePtr
IsBadReadPtr
IsBadStringPtrW
LCMapStringW
LCMapStringA
CloseHandle
FlushFileBuffers
GetFileAttributesExA
GetVersionExA
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
GetModuleFileNameA
SetStdHandle
IsBadCodePtr
LoadLibraryA
SetFilePointer
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapFree
HeapReAlloc
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCurrentThreadId
GetCommandLineA
ExitProcess
RtlUnwind
HeapDestroy
HeapCreate
VirtualFree
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapSize
GetOEMCP
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

user32

CharNextA
CharNextExA

advapi32

RegQueryInfoKeyA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA

ole32

CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree

oleaut32

LoadTypeLi
SysAllocString
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
SysFreeString
SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76f96eda95bb3434cecc0e71004b887d

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 12KB - Virtual size: 8KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 100KB - Virtual size: 100KB