28d1af7c2ec5593bbbca1bf94e72ef0b283a4b6b2944f265e8be7e9322965ebf

Sharing

Copy URL

Twitter E-mail

General

Target

28d1af7c2ec5593bbbca1bf94e72ef0b283a4b6b2944f265e8be7e9322965ebf
Size

956KB
MD5

5750f663066ba01818aaf0024544d780
SHA1

e0579050515e4a38fc65ebff428c24cc849601b4
SHA256

28d1af7c2ec5593bbbca1bf94e72ef0b283a4b6b2944f265e8be7e9322965ebf
SHA512

82b16ddf65d2cb0b526a41a818c976f8d896e49185aa08ba8d14b2e2afe0d757168829b49e7247da56937060d12d9907956039a5b26e5a4b797d249b2724b952
SSDEEP

12288:z/9coV0ZisEkNMp0qK7aWMg3qTJR0YUcQsVe2ShYUNNK5t0wdXG7+RgniNdro:RcoV0Zis1NHb7+nI3Gh5VXfgnifo

Score

N/A

Malware Config

Signatures

Files

28d1af7c2ec5593bbbca1bf94e72ef0b283a4b6b2944f265e8be7e9322965ebf
.dll regsvr32 windows x86

305f16c1725dc5d53d96e559ed03b644

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIStreamRead
AVIStreamReadFormat
AVIFileRelease
AVIStreamRelease
AVIFileExit
AVIStreamFindSample
AVIFileOpenA
AVIFileGetStream
AVIStreamInfoA

winmm

mmioSeek
mmioStringToFOURCCA
mmioCreateChunk
mmioWrite
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioClose

msacm32

acmStreamClose
acmStreamOpen
acmStreamSize

kernel32

WriteFile
HeapFree
HeapAlloc
GetProcessHeap
InterlockedExchange
GetVersionExA
GetACP
GetLocaleInfoA
GetThreadLocale
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
WideCharToMultiByte
lstrlenW
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
MulDiv
lstrcpyA
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrcmpA
FlushInstructionCache
GetCurrentProcess
SetLastError
GlobalFree
GlobalHandle
SetFileAttributesA
GetFileAttributesA
FindResourceExA
DisableThreadLibraryCalls
lstrcatA
GetLastError
DeleteFileA
GetTempFileNameA
GetTempPathA
ExitProcess
RtlUnwind
GetProcAddress
GetModuleHandleA
TerminateProcess
HeapReAlloc
MoveFileA
SetEndOfFile
GetFileType
GetSystemTimeAsFileTime
TlsSetValue
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
RaiseException
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsFree
TlsGetValue
TlsAlloc
GetOEMCP
GetCPInfo
SetHandleCount
GetStdHandle
GetStartupInfoA
SetStdHandle
FlushFileBuffers
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LoadLibraryA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
VirtualQuery
CreateFileA
CloseHandle
GetFileSize
SetFilePointer
ReadFile
LocalFree

user32

SetCapture
InvalidateRect
InvalidateRgn
DestroyWindow
SendMessageA
GetDlgItem
wsprintfA
DialogBoxIndirectParamA
ReleaseCapture
SetWindowContextHelpId
SetWindowPos
EndDialog
LoadStringA
GetActiveWindow
MessageBoxExA
CharNextA
GetDesktopWindow
GetParent
GetClassNameA
RedrawWindow
UnregisterClassA
CreateAcceleratorTableA
GetWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
DefWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowTextA
GetWindowTextA
MapDialogRect
GetWindowTextLengthA
DestroyAcceleratorTable
GetSysColor
CallWindowProcA
IsChild
GetFocus
SetFocus
ReleaseDC
GetDC
IsWindow
BeginPaint
GetClientRect
FillRect
EndPaint

gdi32

DeleteDC
GetStockObject
GetObjectA
CreateSolidBrush
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
GetDeviceCaps

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegDeleteValueA

ole32

ProgIDFromCLSID
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
OleLockRunning
CoTaskMemRealloc
OleRun

oleaut32

SafeArrayCreate
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
VarBstrCmp
CreateErrorInfo
SetErrorInfo
VariantChangeType
SafeArrayGetUBound
SafeArrayRedim
VarBstrCat
RegisterTypeLi
SysAllocString
SysStringLen
SafeArrayDestroy
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantCopy
VariantClear
SysFreeString
VarUI4FromStr
GetErrorInfo
UnRegisterTypeLi
SysAllocStringLen

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 416KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

305f16c1725dc5d53d96e559ed03b644

Headers

File Characteristics

Imports

avifil32

winmm

msacm32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 416KB - Virtual size: 414KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 72KB - Virtual size: 75KB

.rsrc Size: 240KB - Virtual size: 239KB

.reloc Size: 20KB - Virtual size: 16KB

.text Size: 160KB - Virtual size: 160KB

.text
Size: 416KB - Virtual size: 414KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 72KB - Virtual size: 75KB

.rsrc
Size: 240KB - Virtual size: 239KB

.reloc
Size: 20KB - Virtual size: 16KB

.text
Size: 160KB - Virtual size: 160KB