b57f30e9b41c895a866efc4c95a62377190551e98114df2a525ae561091b9dd6

Sharing

Copy URL Twitter E-mail

General

Target

b57f30e9b41c895a866efc4c95a62377190551e98114df2a525ae561091b9dd6
Size

148KB
MD5

8d563bfbf6ffb57e796b7477a661ea6e
SHA1

38112f2b1a7a082523fa760993dc1a57d17aee78
SHA256

b57f30e9b41c895a866efc4c95a62377190551e98114df2a525ae561091b9dd6
SHA512

c5511bbadd60bc8f96e2f01f304abc67c1abbc7fe2118433939bdccd43fc5cd6bf64656ab900726358dc9b7ba6827b66599c5cb928dab7dfe943f2e7884ffa4b
SSDEEP

3072:OZc2BY7x8/BGawRLzDvkzZEdIr3EkuJDjvN7JSjy4JRYrRT++n7M:OHu7x8IayvvyhsRJSjy0iRTFng

Score

N/A

Malware Config

Signatures

Files

b57f30e9b41c895a866efc4c95a62377190551e98114df2a525ae561091b9dd6
.dll regsvr32 windows x86

8d733853e7dc081dfa2a9092e50f339b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

winmm

timeGetTime

shlwapi

SHGetValueA
SHSetValueA
StrStrIA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateGuid
CoCreateInstance

msvcrt

atoi
_stricmp
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strstr
toupper
isupper
isalnum
isxdigit
strerror
?what@exception@@UBEPBDXZ
wcslen
wcscmp
isalpha
__mb_cur_max
wctomb
srand
islower
strtok
tmpnam
fopen
fwrite
fclose
malloc
free
strchr
tolower
isgraph
isspace
ispunct
printf
??2@YAPAXI@Z
??1exception@@UAE@XZ
??3@YAXPAX@Z
_CxxThrowException
__CxxFrameHandler
strncpy
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z

netapi32

Netbios

wininet

InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetSetOptionA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

user32

EnumWindows
wsprintfA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
DispatchMessageA
EnumChildWindows
SetWindowPos
OpenClipboard
CloseClipboard
KillTimer
SetTimer
DefWindowProcA
GetWindowThreadProcessId
GetClassNameA
TranslateMessage
SystemParametersInfoA

advapi32

RegCloseKey
RegOpenKeyExW
RegOpenKeyExA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegQueryValueExW

oleaut32

SysAllocString
SysFreeString
VariantClear
GetErrorInfo

kernel32

CreateFileA
GetCurrentThread
GetThreadTimes
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyA
GetVersion
Sleep
GetEnvironmentVariableA
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryA
HeapFree
lstrlenA
GetSystemDirectoryA
GetVersionExA
LocalFree
GetModuleHandleA
FormatMessageA
GetWindowsDirectoryA
HeapSize
HeapAlloc
GetProcessHeap
SetLastError
GetModuleFileNameA
InterlockedExchange
GetFullPathNameA
CloseHandle
CreateRemoteThread
GetCurrentDirectoryA
WriteProcessMemory
VirtualAllocEx
OpenProcess
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
SleepEx
lstrcpynA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetLocalTime
GetCurrentProcessId
GetProcessTimes
GetCurrentProcess
lstrcmpiA
lstrcmpA
MultiByteToWideChar
GetSystemInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d733853e7dc081dfa2a9092e50f339b

Headers

File Characteristics

Imports

rpcrt4

psapi

winmm

shlwapi

ole32

msvcrt

netapi32

wininet

version

user32

advapi32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 20KB - Virtual size: 23KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 20KB - Virtual size: 23KB

.reloc
Size: 8KB - Virtual size: 7KB