e8690338e6a1dc442d484ab56a9d5003a979de10e2d25aa87afbe304c0b77567

Sharing

Copy URL Twitter E-mail

General

Target

e8690338e6a1dc442d484ab56a9d5003a979de10e2d25aa87afbe304c0b77567
Size

144KB
MD5

36bc0ec6d0a0573cbdfc6d1c38e18040
SHA1

dbaa81671921f50b1d7eacdb7c6a26bfc96825ab
SHA256

e8690338e6a1dc442d484ab56a9d5003a979de10e2d25aa87afbe304c0b77567
SHA512

49acf98cabaef41571cdc851589b057b37c3ef3b54d251753990499d4a59c40069caf3edf5acb68226856df5d1d5b43a3c742e9aa3d6e27f4dfefdf0a0a1cd9f
SSDEEP

3072:YzQLyjchqWJcEJq/kkepUGUu82qAJIGeT3/de:2Qwa5cEJTk6RhxqBrd

Score

N/A

Malware Config

Signatures

Files

e8690338e6a1dc442d484ab56a9d5003a979de10e2d25aa87afbe304c0b77567
.dll regsvr32 windows x86

0593bf8d687dbe0b0f2554360adb6fb1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegQueryValueExW
RegOpenKeyExW
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo

msvcrt

wctomb
??0exception@@QAE@ABV0@@Z
strncpy
??3@YAXPAX@Z
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strstr
atoi
tmpnam
fopen
fwrite
fclose
??2@YAPAXI@Z
strtok
toupper
srand
__CxxFrameHandler
_CxxThrowException
free
__mb_cur_max
_stricmp
strerror
printf
isxdigit
isalpha
islower
tolower
isalnum
malloc
isspace
wcscmp
?what@exception@@UBEPBDXZ
wcslen
??0exception@@QAE@XZ
??1exception@@UAE@XZ
ispunct
isgraph
strchr
isupper

rpcrt4

UuidToStringA

user32

TranslateMessage
GetMessageA
DispatchMessageA
CreateWindowExA
RegisterClassExA
SetWindowPos
SystemParametersInfoA
wsprintfA
CloseClipboard
OpenClipboard
DefWindowProcA
EnumWindows
KillTimer
EnumChildWindows
ShowWindow
GetClassNameA
GetWindowThreadProcessId
SetTimer

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

wininet

InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetCloseHandle

netapi32

Netbios

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoCreateGuid
CoInitialize

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

winmm

timeGetTime

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

oleaut32

VariantClear
SysFreeString
SysAllocString
GetErrorInfo

kernel32

FormatMessageA
LocalFree
GetLastError
Sleep
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLocalTime
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersionExA
GetProcessHeap
GetThreadTimes
GetCurrentThread
lstrlenA
GetVersion
HeapSize
HeapAlloc
lstrcpynA
GetFullPathNameA
GetModuleFileNameA
SetLastError
SleepEx
GetWindowsDirectoryA
GetProcessTimes
GetCurrentProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
MultiByteToWideChar
GetSystemDirectoryA
GetSystemInfo
GetModuleHandleA
lstrcpyA
GetEnvironmentVariableA
InterlockedExchange
lstrcmpiA
lstrcmpA
CloseHandle
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
CreateFileA
GetCurrentProcessId
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
HeapFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0593bf8d687dbe0b0f2554360adb6fb1

Headers

File Characteristics

Imports

advapi32

msvcrt

rpcrt4

user32

shlwapi

wininet

netapi32

ole32

psapi

winmm

version

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 22KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 22KB

.reloc
Size: 8KB - Virtual size: 7KB