aa2aec0bd6997527f91522f9bcc6365937aa10472d5821f8704f4616dcd4ad7c

Sharing

Copy URL Twitter E-mail

General

Target

aa2aec0bd6997527f91522f9bcc6365937aa10472d5821f8704f4616dcd4ad7c
Size

60KB
MD5

bfcda90c0d71b3a29d75fa3135563c51
SHA1

d75408a8639a444bf2b444aa35bad08c75554fd8
SHA256

aa2aec0bd6997527f91522f9bcc6365937aa10472d5821f8704f4616dcd4ad7c
SHA512

92effc34609dc95bcdbf92f9de65850d14fa971f498281d5cb56461d6db39c8706087e90b5ec7cdddc8697cc7aa5fd78d34744d3b1ca8ea6fb738ec1c8b1a125
SSDEEP

768:6s/wLZy0mrlsrCl45ovxQTzhKLyg3XT//ohF4osRwqcLJB7o3rDJ:f/Cmerm45JJKT/whFrs21Fobd

Score

N/A

Malware Config

Signatures

Files

aa2aec0bd6997527f91522f9bcc6365937aa10472d5821f8704f4616dcd4ad7c
.dll regsvr32 windows x86

6cfd630a3a14e92cc6b84003177c37e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrlenA
lstrcatA
CloseHandle
TerminateProcess
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
WritePrivateProfileStringA
GetPrivateProfileStringA
GetFileAttributesA
GetLocalTime
GetSystemDirectoryA
GetWindowsDirectoryA
MultiByteToWideChar
lstrlenW
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpyA
DisableThreadLibraryCalls
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
RtlUnwind
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetStringTypeW
GetStringTypeA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
HeapCreate
VirtualFree
ExitProcess
VirtualAlloc
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount

user32

CharNextA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegEnumValueA

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc

oleaut32

LoadRegTypeLi
SysStringLen
VarUI4FromStr
SysFreeString
SysAllocString
LoadTypeLi
RegisterTypeLi

ws2_32

connect
WSAStartup
htons
getservbyname
closesocket
socket
gethostbyaddr
gethostbyname
inet_addr
WSACleanup
send
recv

urlmon

URLDownloadToFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cfd630a3a14e92cc6b84003177c37e7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

ws2_32

urlmon

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB