a6b10ebd76b5913f1346f61f4b38206ee2aec27f68200859332fab24eddbd450

Sharing

Copy URL Twitter E-mail

General

Target

a6b10ebd76b5913f1346f61f4b38206ee2aec27f68200859332fab24eddbd450
Size

252KB
MD5

7fffd88c3cc3e7fbb4bd46932499f354
SHA1

576c7e930736bb0e4161f86d8ebabf63c8edb360
SHA256

a6b10ebd76b5913f1346f61f4b38206ee2aec27f68200859332fab24eddbd450
SHA512

3fe5b6578b1244149567615c1efd8bfaa6d5ab12277a6f82dea23ae8a55e8965a9fda57e4a986369ec8e7e4df5237add80c036a9b07ff926c1ceaa73d149d721
SSDEEP

3072:it9eDUn9bBeASFlh9yt69BDNPqx8cRXWHrU7C0F0Jf2cvcGS:IwDUXir7c0BDNmxRXWLU7C0Fe2ci

Score

N/A

Malware Config

Signatures

Files

a6b10ebd76b5913f1346f61f4b38206ee2aec27f68200859332fab24eddbd450
.dll regsvr32 windows x86

fc89b81ad7f27d6893041fe610765e8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
CreateThread
TerminateThread
DisableThreadLibraryCalls
ReadFile
LocalFree
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
WaitForSingleObject
CreateRemoteThread
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
OpenProcess
CreateProcessA
GetLocalTime
GetTickCount
SetFilePointer
WriteFile
GetFileSize
CloseHandle
GetSystemDirectoryA
lstrlenW
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
GetVersion
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
OutputDebugStringA
DebugBreak
InterlockedDecrement
lstrlenA
CreateDirectoryA
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
DeleteFileA
VirtualFreeEx

user32

SetForegroundWindow
RegisterWindowMessageA
DestroyWindow
SendMessageA
CharLowerA
CharNextA
wvsprintfA
LoadStringA
wsprintfA
CallNextHookEx
GetClassNameA
SetWindowsHookExA
KillTimer
UnhookWindowsHookEx
SetTimer
GetSystemMetrics
wsprintfW
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
SetActiveWindow
BringWindowToTop
SetFocus
SendMessageTimeoutA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA
RegEnumKeyExA
RegQueryInfoKeyA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
VariantClear
VariantCopy
VariantChangeType

atl

ord30
ord57
ord18
ord15
ord16
ord21

msvcp60

??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??9std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_Xran@std@@YAXXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??_7out_of_range@std@@6B@
??1out_of_range@std@@UAE@XZ
??0out_of_range@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV01@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?str@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ

urlmon

URLDownloadToFileA

wininet

InternetOpenA
HttpSendRequestA
InternetCloseHandle
InternetAttemptConnect
InternetConnectA
InternetOpenUrlA
HttpAddRequestHeadersA
HttpOpenRequestA
HttpQueryInfoA
InternetReadFile
InternetCrackUrlA

netapi32

Netbios

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcrt

_stricmp
atoi
strlen
atol
time
strcmp
_mbscmp
localtime
??2@YAPAXI@Z
strstr
_except_handler3
_CxxThrowException
memcpy
_ismbcspace
memmove
??0exception@@QAE@ABV0@@Z
_mbschr
wcslen
_ismbcdigit
_mbsrchr
strcpy
memset
_mbslwr
_itoa
__CxxFrameHandler
sprintf
rand
srand
_local_unwind2
_mbsicmp
memcmp
strncpy
_mbsnbcpy
free
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
malloc
_adjust_fdiv
_mbsstr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 4KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc89b81ad7f27d6893041fe610765e8b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

atl

msvcp60

urlmon

wininet

netapi32

version

msvcrt

Exports

Exports

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 1KB

.share Size: 4KB - Virtual size: 48B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 1KB

.share
Size: 4KB - Virtual size: 48B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB