d1fb537e3aa9f452960a67321529b160f30cbb609f27d2c7a38b7354176e04fc

Sharing

Copy URL

Twitter E-mail

General

Target

d1fb537e3aa9f452960a67321529b160f30cbb609f27d2c7a38b7354176e04fc
Size

136KB
MD5

62ef353e5471a897b4d5381fe4384e70
SHA1

0ef0ce68b3a04be6e3715b1c9c642373cd8559fb
SHA256

d1fb537e3aa9f452960a67321529b160f30cbb609f27d2c7a38b7354176e04fc
SHA512

5a2cd29667f14617b6f8359635051c8826a92b93bac9a8c15382c9c8f2cf719e170159b2123ea745fc48e69705615e3fe1e39cdf67b9eedc0a4e6faf07539fc6
SSDEEP

3072:ZvIzqnA89J4XQOBWkYqy/BY/SCfOYcOJeUM2ZY:dIzqnA89CQOsk0sSSclT22

Score

N/A

Malware Config

Signatures

Files

d1fb537e3aa9f452960a67321529b160f30cbb609f27d2c7a38b7354176e04fc
.dll regsvr32 windows x86

9c467d27bbb6cccffd2b903abc47ebb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_stricmp
__CxxFrameHandler
strchr
strncpy
??3@YAXPAX@Z
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
tolower
__mb_cur_max
wctomb
??2@YAPAXI@Z
free
malloc
islower
ispunct
atoi
isalnum
tmpnam
fopen
fwrite
fclose
strtok
toupper
strstr
isalpha
printf
isspace
srand
strerror
isupper
wcscmp
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
isgraph
wcslen
?what@exception@@UBEPBDXZ
isxdigit

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

CoCreateGuid
CoInitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc

user32

RegisterClassExA
CloseClipboard
OpenClipboard
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
CreateWindowExA
KillTimer
SetTimer
DefWindowProcA
SystemParametersInfoA
SetWindowPos
wsprintfA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

oleaut32

VariantClear
SysAllocString
GetErrorInfo
SysFreeString

wininet

InternetOpenA
InternetSetOptionA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

winmm

timeGetTime

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

advapi32

RegCloseKey
RegOpenKeyExW
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegQueryValueExW

rpcrt4

UuidToStringA

netapi32

Netbios

kernel32

QueryPerformanceCounter
GetTickCount
SetLastError
GetModuleFileNameA
CloseHandle
OpenProcess
HeapFree
GetVersionExA
GetEnvironmentVariableA
GetCurrentDirectoryA
lstrlenA
HeapSize
HeapAlloc
QueryPerformanceFrequency
GetSystemInfo
Sleep
InterlockedExchange
GetFullPathNameA
GetSystemDirectoryA
GetWindowsDirectoryA
lstrcpyA
GetProcessHeap
FreeLibrary
CreateRemoteThread
WriteProcessMemory
GetProcAddress
VirtualAllocEx
LoadLibraryA
GetLocalTime
MultiByteToWideChar
GetVersion
GetModuleHandleA
LocalFree
FormatMessageA
CreateFileA
lstrcpynA
SleepEx
GetThreadTimes
GetCurrentThread
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCurrentProcess
GetProcessTimes
GetCurrentProcessId
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
GetLastError
lstrcmpA
lstrcmpiA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c467d27bbb6cccffd2b903abc47ebb2

Headers

File Characteristics

Imports

msvcrt

version

ole32

user32

shlwapi

oleaut32

wininet

winmm

psapi

advapi32

rpcrt4

netapi32

kernel32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 16KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB