9abbcbaf18c16462043f2ce5ec83ee66c20d2bb58b1e5943f29704f17eb2a07f

Sharing

Copy URL Twitter E-mail

General

Target

9abbcbaf18c16462043f2ce5ec83ee66c20d2bb58b1e5943f29704f17eb2a07f
Size

84KB
MD5

59f15aad3d76a52557b4f63331d7b207
SHA1

46185422469f0c767fe717a07d8876c5af80c7b2
SHA256

9abbcbaf18c16462043f2ce5ec83ee66c20d2bb58b1e5943f29704f17eb2a07f
SHA512

6687312e3323c0d0250cd277176eef46da58b9d3be63f3ed3e51191143cb9621eb27100599f51cca9ef0dcff5115089f27ddca1ff3617b120595c390eed613e3
SSDEEP

1536:Twx1wB4+D76WTzWTwjux7dbGi2h7HICS4AsEOJLCqPT6La6lcn:Tg5+DuWTKqCdWh7UmEOJmqPTd6l

Score

N/A

Malware Config

Signatures

Files

9abbcbaf18c16462043f2ce5ec83ee66c20d2bb58b1e5943f29704f17eb2a07f
.dll regsvr32 windows x86

845b41b14bfd95bd5275f28b0a4b5df5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

isalnum
malloc
_stricmp
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strtok
??3@YAXPAX@Z
fclose
fwrite
fopen
tmpnam
toupper
strstr
tolower
strchr
__mb_cur_max
wctomb
srand
free
printf
wcscmp
?what@exception@@UBEPBDXZ
wcslen
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@XZ
isalpha
islower
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
ispunct
strncpy
atoi
??2@YAPAXI@Z

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

netapi32

Netbios

wininet

InternetOpenUrlA
InternetOpenA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetSetOptionA

user32

DispatchMessageA
wsprintfA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
SystemParametersInfoA
SetWindowPos
RegisterClassExA
CreateWindowExA
DefWindowProcA
GetMessageA
TranslateMessage
ShowWindow
KillTimer
SetTimer

oleaut32

SysFreeString
VariantClear
GetErrorInfo
SysAllocString

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

ole32

CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitialize

rpcrt4

UuidToStringA

advapi32

CryptReleaseContext
CryptAcquireContextA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
CryptGenRandom

kernel32

GetTickCount
QueryPerformanceFrequency
MoveFileExA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WaitForSingleObject
CreateProcessA
DeleteFileA
GetSystemDirectoryA
QueryPerformanceCounter
lstrcpyA
GetVersionExA
SleepEx
GetProcessTimes
GetCurrentProcess
GetThreadTimes
Sleep
GetCurrentThread
HeapFree
GetEnvironmentVariableA
GetCurrentDirectoryA
lstrlenA
GetLastError
GetProcessHeap
GetModuleFileNameA
MultiByteToWideChar
GetModuleHandleA
GetVersion
LocalFree
FormatMessageA
DisableThreadLibraryCalls
OpenProcess
SetLastError
GetFullPathNameA
GetCurrentProcessId
HeapSize
CreateFileA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
lstrcpynA
GetLocalTime
GetWindowsDirectoryA
InterlockedExchange
HeapAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

845b41b14bfd95bd5275f28b0a4b5df5

Headers

File Characteristics

Imports

msvcrt

version

shlwapi

netapi32

wininet

user32

oleaut32

psapi

ole32

rpcrt4

advapi32

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 15KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 15KB

.reloc
Size: 4KB - Virtual size: 3KB