3414fd6678ee9c1a0b01175b92f6eab9dbd1788b0fb8be52a645efadeb685bed

Sharing

Copy URL Twitter E-mail

General

Target

3414fd6678ee9c1a0b01175b92f6eab9dbd1788b0fb8be52a645efadeb685bed
Size

140KB
MD5

a5dee120a3d248edb4f7d5151eecb8a0
SHA1

966ce77eb2d93814258e2d1f03bc9a0a28cb78fa
SHA256

3414fd6678ee9c1a0b01175b92f6eab9dbd1788b0fb8be52a645efadeb685bed
SHA512

9e216dffc144886d9a2669e7822123e95afa52ad58741a9933679a860be62f9ba78a9b83ddf7ba0ef71ceb9e7301b2cb2abe7b9db2cfbc8c8869325024484c25
SSDEEP

3072:P1lDzg12BFf0/ULmFLo2yGWMoGnNgKr+PRk1ZY:9lvge566KrRk

Score

N/A

Malware Config

Signatures

Files

3414fd6678ee9c1a0b01175b92f6eab9dbd1788b0fb8be52a645efadeb685bed
.dll regsvr32 windows x86

9ca3a3ae599fb1ebf762130d02a49704

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetCompositionStringA
ImmGetContext

kernel32

RaiseException
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
GetProcessVersion
HeapSize
HeapReAlloc
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapAlloc
GetEnvironmentStrings
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
GetEnvironmentStringsW
IsBadReadPtr
IsBadStringPtrA
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetProcAddress
GetModuleHandleA
WriteProcessMemory
GetCurrentProcess
VirtualProtect
GetLastError
WriteFile
SetFilePointer
FlushFileBuffers
LoadLibraryA
lstrcpyA
lstrcpynA
lstrcmpiA
GetModuleFileNameA
GetCurrentThreadId
OpenFileMappingA
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
lstrlenA
GlobalLock
GlobalFlags
InterlockedDecrement
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
GetVersion
FreeLibrary
InterlockedIncrement
WideCharToMultiByte
LocalAlloc
LocalFree
TlsAlloc
DeleteCriticalSection
GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
MultiByteToWideChar
WritePrivateProfileStringA
SetLastError

user32

LoadIconA
SetWindowTextA
ShowWindow
FindWindowExA
UnregisterClassA
PtInRect
ClientToScreen
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
SetFocus
AdjustWindowRectEx
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetSysColor
MapWindowPoints
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
GetClientRect
GetDC
ReleaseDC
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostQuitMessage
GetSystemMetrics
wsprintfA
EnableWindow
SetWindowsHookExA
UnhookWindowsHookEx
GetFocus
GetWindow
PostMessageA
CallNextHookEx
GetClassNameA
GetDlgItem
GetWindowThreadProcessId
SendMessageA
GetParent
RegisterWindowMessageA
GetWindowTextA
GetWindowLongA
GetMenuCheckMarkDimensions
GetWindowRect

gdi32

Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ImageList_Destroy
ord17

ole32

CoCreateInstance

Exports

Exports

?GetCurrentUinReplaced@@YAKPAX@Z
?GetCurrentUserdataReplaced@@YAXPAXPAPAX@Z
?SetWndHook@@YAHPAUHWND__@@@Z
?UnsetWndHook@@YAHXZ
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TEC_IMHO
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ca3a3ae599fb1ebf762130d02a49704

Headers

File Characteristics

Imports

imm32

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 16KB - Virtual size: 30KB

TEC_IMHO Size: 4KB - Virtual size: 24B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 16KB - Virtual size: 14KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 16KB - Virtual size: 30KB

TEC_IMHO
Size: 4KB - Virtual size: 24B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 16KB - Virtual size: 14KB