2902873b6b974cc6f8e63f489c067f8080f61a4459feae16dfc69cef4bed284a

Sharing

Copy URL

Twitter E-mail

General

Target

2902873b6b974cc6f8e63f489c067f8080f61a4459feae16dfc69cef4bed284a
Size

192KB
MD5

6d1f9f5c9a695cf4ee893d362b5796e5
SHA1

60f99867ac432855beba5f36791fcccf5467337d
SHA256

2902873b6b974cc6f8e63f489c067f8080f61a4459feae16dfc69cef4bed284a
SHA512

07df1b5ef3b3ccbe06aa6ca5b40710991757aa9bf41aa89d2762a0ee13ea0586d618daac4f9ea36d355f0e2b7a3e4016b15027bbc9ec803a28ad7a20bb0dded1
SSDEEP

3072:lZ0fy4zHjxXKzNPx0339Xuv2ie6cb1RAs5goAj1Dd27DJylWkZX9:X0q4zHjYzNO9XuujZLA8goAjBd27IZt

Score

N/A

Malware Config

Signatures

Files

2902873b6b974cc6f8e63f489c067f8080f61a4459feae16dfc69cef4bed284a
.dll regsvr32 windows x86

7eb431c67bb81b5280389a9cf96908a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreateFileA
UnmapViewOfFile
SetEndOfFile
GetOEMCP
GetACP
SetFilePointer
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
MapViewOfFile
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
ReadFile
HeapSize
TerminateProcess
LCMapStringW
LCMapStringA
ExitProcess
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetVersion
GetCommandLineA
HeapReAlloc
HeapAlloc
RtlUnwind
InterlockedExchange
Sleep
WinExec
IsDBCSLeadByte
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
HeapDestroy
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
CreateMutexA
GetLastError
GetComputerNameA
Process32First
Process32Next
GetShortPathNameA
FreeLibrary
FindFirstFileW
FindNextFileW
FindClose
ExpandEnvironmentStringsW
LocalFree
lstrcatW
lstrcmpiW
lstrcpynW
lstrlenW
GetProcessHeap
HeapFree
WriteProcessMemory
CreateToolhelp32Snapshot
Module32First
Module32Next
lstrcmpiA
GetCurrentProcessId
lstrlenA
CloseHandle
OpenProcess
GetModuleFileNameA
GetWindowsDirectoryA
lstrcatA
GetSystemDefaultLangID
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcpyW
lstrcmpA
lstrcpyA
WideCharToMultiByte
MultiByteToWideChar
lstrcpynA
GetModuleHandleA
GetVersionExA
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
LoadLibraryA
GetProcAddress
FreeEnvironmentStringsW

user32

CharNextA
wsprintfW
SetWindowsHookExW
FindWindowW
LoadIconW
LoadImageW
FindWindowExW
DrawTextW
DrawIconEx
SetWindowTextA
GetCursorPos
SetTimer
UpdateWindow
DefWindowProcA
IsWindow
GetWindowRect
GetDlgCtrlID
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
PostMessageW
SendMessageW
GetWindowDC
LoadImageA
KillTimer
CopyRect
IsRectEmpty
GetWindowThreadProcessId
FillRect
GetFocus
LoadIconA
DestroyIcon
FindWindowExA
GetSysColor
SendMessageA
GetWindowTextLengthA
SetFocus
LoadBitmapA
CallWindowProcW
SetWindowLongW
GetClassNameA
GetParent
GetWindowLongW
FindWindowA
GetSystemMetrics
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
ReleaseDC
EndPaint
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
ReleaseCapture
SetCapture
PtInRect
GetDC
InflateRect
BeginPaint
SystemParametersInfoA
ShowWindow
PostMessageA
MoveWindow
SetWindowRgn
ScreenToClient
OffsetRect
SetRectEmpty
GetClientRect
DrawFrameControl
GetWindowTextA
DrawTextA

gdi32

SetStretchBltMode
StretchBlt
ExtTextOutA
GetStockObject
GetObjectA
CreateFontIndirectA
DeleteObject
SetBkColor
SelectObject
CreateCompatibleBitmap
SetTextColor
SetBkMode
FrameRgn
OffsetRgn
CreateSolidBrush
ExcludeClipRect
SetWindowOrgEx
GetClipBox
BitBlt
EqualRgn
CombineRgn
CreateRectRgn
CreatePolygonRgn
SetViewportOrgEx
GetViewportOrgEx
SetPixel
GetTextExtentPoint32A
GetTextExtentPointA
GetTextExtentPoint32W
GetTextExtentPointW
DeleteDC
CreateCompatibleDC

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteValueA
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegEnumValueW
RegEnumKeyExA

shell32

ShellExecuteA
SHGetSpecialFolderPathW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemRealloc

oleaut32

VarUI4FromStr
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
OleTranslateColor

shlwapi

StrDupA
PathAppendA
PathRemoveFileSpecA
StrNCatW
StrCmpNIW
PathIsDirectoryW
PathFileExistsW
StrRStrIW
StrRetToBufW
StrCmpIW
StrCpyW
PathIsURLW
UrlApplySchemeW
StrDupW
StrStrW
StrStrIW
StrStrA
StrStrIA
SHDeleteValueA
SHGetValueA
StrCmpW

wininet

InternetCrackUrlW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Draw
ImageList_SetBkColor
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Destroy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7eb431c67bb81b5280389a9cf96908a3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wininet

version

comctl32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 113KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 12KB - Virtual size: 57KB

Shared Size: 4KB - Virtual size: 60B

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 12KB - Virtual size: 57KB

Shared
Size: 4KB - Virtual size: 60B

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 16KB - Virtual size: 12KB