e83da2fa21b136d6efd409b071566908c3b706df81b2bfd4a525127ce2e58ee9

Sharing

Copy URL Twitter E-mail

General

Target

e83da2fa21b136d6efd409b071566908c3b706df81b2bfd4a525127ce2e58ee9
Size

140KB
MD5

646af14ca248c855988e39a324f6fb8a
SHA1

74ab16c8ff40e69e6a26dd52887f17fbd7ae16a8
SHA256

e83da2fa21b136d6efd409b071566908c3b706df81b2bfd4a525127ce2e58ee9
SHA512

d41d6f6a76fe5050386cd760a40524f5c5885cccd34d83d59ff1f90a701f9fcf595621c70d509dc30035c22b97c14180c39c17f8b1a93e0c0ae236fec2044e94
SSDEEP

3072:iBWrUZaRBSUEfL7S19zvtQz5CqBCJHJf1Q8Aw:+xUEfLervM5bIP1ZAw

Score

N/A

Malware Config

Signatures

Files

e83da2fa21b136d6efd409b071566908c3b706df81b2bfd4a525127ce2e58ee9
.dll regsvr32 windows x86

665a5e78274c8728a3bebff3e0dcef78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

Netbios

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

StrStrIA
SHGetValueA
SHSetValueA

user32

EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
wsprintfA
GetMessageA
EnumWindows
KillTimer
SetTimer
SetWindowPos
RegisterClassExA
CreateWindowExA
ShowWindow
DefWindowProcA
TranslateMessage
DispatchMessageA
OpenClipboard
CloseClipboard
SystemParametersInfoA

msvcrt

wcslen
wcscmp
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
?what@exception@@UBEPBDXZ
isalnum
strerror
isgraph
isupper
ispunct
wctomb
isxdigit
srand
_stricmp
atoi
tmpnam
fopen
fwrite
fclose
printf
isspace
strchr
tolower
isalpha
strncpy
malloc
free
??1exception@@UAE@XZ
_CxxThrowException
islower
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
strstr
??2@YAPAXI@Z
strtok
??3@YAXPAX@Z
__CxxFrameHandler
toupper
__mb_cur_max

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegCloseKey

rpcrt4

UuidToStringA

winmm

timeGetTime

wininet

InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
InternetOpenA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoInitialize
CoCreateInstance

oleaut32

SysAllocString
SysFreeString
VariantClear
GetErrorInfo

kernel32

lstrcmpiA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetLocalTime
InterlockedExchange
GetEnvironmentVariableA
GetCurrentThread
GetThreadTimes
GetSystemInfo
GetSystemDirectoryA
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
LoadLibraryA
GetProcAddress
FreeLibrary
QueryPerformanceFrequency
CreateFileA
OpenProcess
SleepEx
lstrcmpA
lstrlenA
HeapFree
GetLastError
LocalFree
FormatMessageA
GetVersion
HeapSize
HeapAlloc
GetProcessHeap
lstrcpynA
GetFullPathNameA
GetModuleFileNameA
GetCurrentDirectoryA
GetModuleHandleA
GetVersionExA
GetProcessTimes
GetCurrentProcess
Sleep
SetLastError
GetWindowsDirectoryA
MultiByteToWideChar
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
CloseHandle
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
lstrcpyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

665a5e78274c8728a3bebff3e0dcef78

Headers

File Characteristics

Imports

netapi32

version

shlwapi

user32

msvcrt

advapi32

rpcrt4

winmm

wininet

psapi

ole32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 16KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 16KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB