f42b6fee421f6acff8df9c8e4a3a71e4a3fdfb42e1b323793f85438b562d2e4a

Sharing

Copy URL Twitter E-mail

General

Target

f42b6fee421f6acff8df9c8e4a3a71e4a3fdfb42e1b323793f85438b562d2e4a
Size

288KB
MD5

4e68cf0afb2a672454a1fa733aec6119
SHA1

b986c16fe242e1d1e3201f764725226154bb621a
SHA256

f42b6fee421f6acff8df9c8e4a3a71e4a3fdfb42e1b323793f85438b562d2e4a
SHA512

ef7d053314f235990fb69aec15620e53bdf0e2b891d6705962c4bdf5ebcda9ab06395038017f2e870a79a5d3d49ea0f88b603f135f6b1c5e28274a5d8d087a63
SSDEEP

6144:KaBevyyANHsl0OS2woviTReWOQoAwcXsfip4HeMab5:Y6j1fOtwoviReWOQoAwcXwip4e5

Score

N/A

Malware Config

Signatures

Files

f42b6fee421f6acff8df9c8e4a3a71e4a3fdfb42e1b323793f85438b562d2e4a
.dll regsvr32 windows x86

5f930d1cb893f85482bad4a6580501f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnregisterClassA
SetWindowLongA
GetWindowLongA
CreateWindowExA
DestroyWindow
ShowWindow
SendMessageA
DefWindowProcA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
RegisterClassExA
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
GetSysColor
SetTimer
KillTimer
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
GetActiveWindow
GetSystemMetrics
SetForegroundWindow
SetActiveWindow
wsprintfA
CreateAcceleratorTableA
IsWindow
GetDesktopWindow
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
CharNextA

advapi32

RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
RegDeleteValueA

ole32

CoTaskMemRealloc
CoTaskMemFree
CoGetClassObject
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
StringFromGUID2
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoInitialize
CoTaskMemAlloc

oleaut32

RegisterTypeLi
UnRegisterTypeLi
OleCreateFontIndirect
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
SysStringLen
DispCallFunc
VariantInit
VarUI4FromStr
SysAllocString
SysAllocStringLen
VariantClear
SysFreeString

gdi32

SelectObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
GetObjectA
GetStockObject
DeleteObject

kernel32

InterlockedExchange
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetStartupInfoA
SetHandleCount
GetFileType
SetStdHandle
GetCurrentDirectoryA
GetFullPathNameA
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
WriteFile
ExitProcess
HeapCreate
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapDestroy
GetVersionExA
GetCommandLineA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
RtlUnwind
VirtualQuery
GetSystemInfo
HeapReAlloc
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LocalFree
GetTempPathA
CreateProcessA
GetThreadLocale
SetThreadLocale
DisableThreadLibraryCalls
LockResource
Sleep
SetLastError
GetCurrentThreadId
MulDiv
lstrcmpA
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedCompareExchange
InterlockedDecrement
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
RaiseException
GetLastError
DeleteCriticalSection
lstrlenA
lstrcmpiA
InterlockedIncrement
IsProcessorFeaturePresent
IsDBCSLeadByte
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
VirtualAlloc
GetProcAddress
LoadLibraryA
IsBadReadPtr
VirtualProtect
VirtualFree
HeapFree
GetProcessHeap
HeapAlloc
CloseHandle
ReadFile
SetFilePointer
CreateFileA
WaitForSingleObject
CreateThread
GlobalUnlock
GlobalLock
GlobalAlloc
FlushInstructionCache
GetCurrentProcess

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f930d1cb893f85482bad4a6580501f0

Headers

File Characteristics

Imports

user32

advapi32

ole32

oleaut32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 196KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 200KB - Virtual size: 196KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 20KB - Virtual size: 19KB