f5c4b5078c5559fa2f151621cc4967de955619fa056e7214897ef92b87e43b83

Sharing

Copy URL Twitter E-mail

General

Target

f5c4b5078c5559fa2f151621cc4967de955619fa056e7214897ef92b87e43b83
Size

76KB
MD5

da80f2413acffb33caa75716b8e79dbf
SHA1

dcc3e353a4b7dcdc81ed229428aee8404b3dbb08
SHA256

f5c4b5078c5559fa2f151621cc4967de955619fa056e7214897ef92b87e43b83
SHA512

be6228e6b8f5dfae6037881c273f147ea0a869364c512795f2657e0e4509ca29993aa267a4cd0771b4e7f2c6e791df79bcce2ab8e3f5666d1a9faac03c1d4278
SSDEEP

1536:ztG0hmFmTSE5FQaKl51icE+KpGAJMuZhc5Aol4da+:ztG0EUTdFSn7KpGABZhc5AY4da

Score

N/A

Malware Config

Signatures

Files

f5c4b5078c5559fa2f151621cc4967de955619fa056e7214897ef92b87e43b83
.dll regsvr32 windows x86

eaabc46f6e3149d58ca0249df6250a74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetNumberOfConsoleInputEvents
EnumResourceNamesA
ReadConsoleInputA
GlobalFlags
SetVolumeMountPointW
GetAtomNameA
GetDriveTypeW
CreatePipe
GlobalMemoryStatus
GetComputerNameW
SetFilePointer
OpenSemaphoreW
GetEnvironmentVariableW
GetWindowsDirectoryA
CreateMailslotW
GetSystemDefaultUILanguage
IsValidLanguageGroup
FindFirstVolumeW
IsProcessorFeaturePresent
BackupWrite
lstrcmpW
DisconnectNamedPipe
GetBinaryTypeA
lstrcatA
SetCommBreak
lstrcmpiW
GetProcessAffinityMask
ReleaseSemaphore
AddAtomA
GetFileAttributesA
GetTimeFormatA
GetLocalTime
IsBadCodePtr
FindResourceExW
GetCommandLineW
CreateMutexA
FindFirstChangeNotificationW
SetDefaultCommConfigW
RegisterWaitForSingleObject
SetCurrentDirectoryA
LockResource
SetHandleInformation
GetThreadContext
GetComputerNameExW
GetModuleFileNameW
WriteConsoleW
FindFirstVolumeMountPointW
GetTempFileNameW
GetComputerNameA
GetTickCount
LocalFree
GlobalAlloc
LoadLibraryA
MoveFileA
InitializeCriticalSection
UnmapViewOfFile
CreateDirectoryA
LeaveCriticalSection
GetProcAddress
VirtualProtect
GetFileInformationByHandle

user32

DefFrameProcA
IntersectRect
OpenDesktopA
GetWindowInfo
DefFrameProcW
SendMessageTimeoutW
ClientToScreen
GetWindowWord
GetInputState
EnumDesktopsW
PostMessageA
GetDlgItemTextW
CopyIcon
SetWindowLongA
InSendMessage
SendInput
SetCursorPos
EndTask
GetMenuItemCount
LoadImageA
InsertMenuItemA
GetWindowLongA
LoadIconA
MapWindowPoints
DrawIconEx
SetWindowTextA
IsIconic
GetCursorPos
LockWindowUpdate
SubtractRect
GetForegroundWindow
PostThreadMessageA
CallNextHookEx
SendMessageA
UnhookWindowsHookEx
GetClassNameA
GetMessageA

advapi32

RegQueryValueExA
LookupAccountNameA
RegCloseKey
RegSetValueExA
CreateServiceW
GetServiceKeyNameW
QueryServiceStatus
RegEnumKeyW
CredReadDomainCredentialsW
RegEnumValueA
RegLoadKeyA
StartServiceCtrlDispatcherW
OpenEventLogW
IsTokenRestricted
ReportEventW
GetTokenInformation
RegUnLoadKeyW
QueryServiceLockStatusW
CredGetSessionTypes
RegisterEventSourceW
LockServiceDatabase
OpenSCManagerA
RegisterServiceCtrlHandlerExW
RegDisablePredefinedCache
RegSetValueExW
SetNamedSecurityInfoA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eaabc46f6e3149d58ca0249df6250a74

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 2KB