8e829b17661b79825dcafdebe132c16761ebed673ff02fa6d767a3703457a8c1

Sharing

Copy URL Twitter E-mail

General

Target

8e829b17661b79825dcafdebe132c16761ebed673ff02fa6d767a3703457a8c1
Size

235KB
MD5

1119a4f6a8c26cc801eb048682547c05
SHA1

174862484a8047ed86b34adc44cb2dabdee80098
SHA256

8e829b17661b79825dcafdebe132c16761ebed673ff02fa6d767a3703457a8c1
SHA512

8b2d3a54be092fadd020100f3409939ac518072a65ce7a617034b94e69ac827f72b1cc7f2bf1c0a35fd595c96d087a5877bdfcbe3fe8bbc415a26794ced36567
SSDEEP

3072:Xq62VsIDLU9f73tXFHg/+NT+hh/d5jJBnySaXpO3O475LkiCCVNkvuBL5Y8rpsf:66iskgJ73xNT+hFpuXpJ479hhK8psf

Score

N/A

Malware Config

Signatures

Files

8e829b17661b79825dcafdebe132c16761ebed673ff02fa6d767a3703457a8c1
.dll regsvr32 windows x86

def38e65d5935a6226ea762ed41971cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
lstrlenA
lstrcmpiA
lstrlenW
lstrcpyA
GetModuleHandleA
GetModuleFileNameA
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
lstrcpynA
IsDBCSLeadByte
Sleep
GetTickCount
lstrcatA
GetCurrentProcess
HeapFree
GetProcessHeap
FlushInstructionCache
HeapAlloc
GetCurrentThreadId
GetEnvironmentVariableA
VirtualProtect
VirtualQuery
CloseHandle
ResumeThread
WaitForSingleObject
CreateThread
SetEnvironmentVariableA
FreeLibrary
GetProcAddress
LoadLibraryA
GetLargestConsoleWindowSize
GetHandleInformation
GetGeoInfoW
GetGeoInfoA
GetFullPathNameW
GetFullPathNameA
GetFirmwareEnvironmentVariableW
GetFirmwareEnvironmentVariableA
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesExA
GetFileAttributesW
GetFileAttributesA
FileTimeToLocalFileTime
GetSystemInfo
GetComputerNameA
IsBadReadPtr
CreateMemoryResourceNotification
WriteProfileSectionA
EscapeCommFunction
ReleaseMutex
SetEvent
ResetEvent
CreateMutexA
CreateEventA
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpA
GetVolumeInformationA
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LocalFree
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TerminateProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
IsBadWritePtr
VirtualFree
HeapCreate
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetOEMCP
GetCommandLineA
VirtualAlloc
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy

user32

DestroyAcceleratorTable
GetWindow
IsChild
GetFocus
SetFocus
GetDlgItem
RedrawWindow
GetClassNameA
GetParent
CreateAcceleratorTableA
BeginPaint
EndPaint
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
GetClientRect
FillRect
SetCapture
ReleaseCapture
GetWindowTextLengthA
GetWindowTextA
SendMessageA
SetWindowTextA
MsgWaitForMultipleObjects
AdjustWindowRect
AdjustWindowRectEx
AttachThreadInput
AnyPopup
GetLastActivePopup
GetTopWindow
IsGUIThread
IsIconic
WindowFromPoint
GetSysColor
RegisterWindowMessageA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetDesktopWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
wsprintfA
DestroyWindow
GetCursorPos
OffsetRect
GetWindowRect
CallWindowProcA
GetWindowLongA
SetWindowLongA
DefWindowProcA
SetWindowPos
IsWindow
MoveWindow
SetTimer
KillTimer
PostThreadMessageA
ShowWindowAsync
CharNextA
UnregisterClassA
ShowWindow
GetClassInfoExA

shlwapi

PathFindExtensionA
StrCmpNA
StrToIntA
StrStrA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

def38e65d5935a6226ea762ed41971cd

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: 157KB - Virtual size: 156KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 15KB - Virtual size: 21KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 157KB - Virtual size: 156KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 15KB - Virtual size: 21KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 20KB - Virtual size: 19KB