f4f299efac9bc7bbb6c167860b62fe5f5bf0c3c03f7ffa1da19fac7381c4c602

Sharing

Copy URL

Twitter E-mail

General

Target

f4f299efac9bc7bbb6c167860b62fe5f5bf0c3c03f7ffa1da19fac7381c4c602
Size

120KB
MD5

31056904228108e28cf827ccf7d00ace
SHA1

a0cdef5da621b66fd7bfcd5d8c8d2d54bfbcd8fe
SHA256

f4f299efac9bc7bbb6c167860b62fe5f5bf0c3c03f7ffa1da19fac7381c4c602
SHA512

27c0662524e72efa3a6f0c402e7dfaa208faea6fccdb62e5c711457cfd92cd5f8ae10ff752a838b2dd671aace3dae52eea5e875f7d01a1f8d550fee5527aff29
SSDEEP

1536:RpI3OQlBI91b1tT04fJFCT5JSwAw2CU3ekoIkrrMHkW:RZoK11hFEjoukoImMHv

Score

N/A

Malware Config

Signatures

Files

f4f299efac9bc7bbb6c167860b62fe5f5bf0c3c03f7ffa1da19fac7381c4c602
.dll regsvr32 windows x86

0466e8b778aead8e1e4fab34d67a8586

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
CloseHandle
WriteFile
CreateFileA
FindClose
FindFirstFileA
SetFileTime
GetFileTime
LocalFree
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
InitializeCriticalSection
CompareStringW
GetModuleFileNameA
DisableThreadLibraryCalls
GetTempPathA
GetPrivateProfileSectionA
GetTickCount
lstrlenA
CompareStringA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
GetProcAddress
LoadLibraryA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetSystemDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetWindowsDirectoryA
DeleteFileA
WritePrivateProfileStringA
GetLastError
MultiByteToWideChar
lstrlenW
SetEnvironmentVariableA
WideCharToMultiByte
VirtualAlloc
IsBadCodePtr
LCMapStringW
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualFree
HeapCreate
RtlUnwind
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
RaiseException
TlsAlloc
TlsFree
SetLastError
HeapAlloc
HeapFree
ExitProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
ReadFile
HeapReAlloc
HeapSize
LCMapStringA
HeapDestroy

user32

EnumChildWindows
SetWindowTextA
GetClassNameA
GetWindowTextA
wsprintfA

advapi32

RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoCreateGuid
CoInitialize
CoUninitialize

oleaut32

LoadRegTypeLi
SysStringLen
SysAllocStringLen
SysFreeString
VariantCopy
VariantChangeType
VariantClear

wininet

InternetCloseHandle
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetOpenA
InternetOpenUrlA

atl

ord16
ord15
ord23
ord31
ord18
ord57
ord32
ord58
ord21
ord30

ws2_32

htons
gethostbyname
socket
WSAStartup
sendto
recvfrom
ioctlsocket

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0466e8b778aead8e1e4fab34d67a8586

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

atl

ws2_32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 7KB