ffc58be2f38947f7f8e567c75105cbf16f699cb852925335cb66f38ce4ce0986

Sharing

Copy URL Twitter E-mail

General

Target

ffc58be2f38947f7f8e567c75105cbf16f699cb852925335cb66f38ce4ce0986
Size

92KB
MD5

e8a43668f804969b3974fe49aff56e30
SHA1

10a69819496fb5944b2712ceeb63fb5bd9cbbbf9
SHA256

ffc58be2f38947f7f8e567c75105cbf16f699cb852925335cb66f38ce4ce0986
SHA512

c64debdd116ea06237fd7bd2230b7d928ebaea52f1a5e170ce0469c3d8b9dc1dec91956b9db8659b63fde7e470fdda6b266d6ff2deeb902ae5ea1f306d77dda3
SSDEEP

1536:L1MzlJ9QZOf9mKc1C5eyRf/4kiRZ/C6Bww4qpe5GJ24tlR3YmGulk1kJZ:JajMvFBfpV24tomGulka

Score

N/A

Malware Config

Signatures

Files

ffc58be2f38947f7f8e567c75105cbf16f699cb852925335cb66f38ce4ce0986
.dll regsvr32 windows x86

4c290d84847eee557cce63eddc62baa7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegFlushKey
SetSecurityInfo
SetEntriesInAclA
RegCreateKeyExA

shlwapi

StrRChrA

urlmon

URLDownloadToCacheFileA

rpcrt4

UuidToStringA
RpcStringFreeA
UuidCreate

kernel32

GetSystemInfo
VirtualProtect
SetEndOfFile
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
LocalFree
lstrlenA
lstrcmpiA
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetSystemDirectoryA
lstrlenW
DeleteFileA
CreateThread
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
ReadFile
CreateFileA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetLastError
EnterCriticalSection
LeaveCriticalSection
ExitProcess
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
GetCommandLineA
HeapAlloc
HeapReAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
VirtualQuery
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
HeapSize
CloseHandle
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo

user32

EnumThreadWindows
FindWindowExA
SendMessageA
GetClassNameA
IsWindow

oleaut32

VariantClear
VariantChangeType
VariantCopy
VariantInit
SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newsec
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4c290d84847eee557cce63eddc62baa7

Headers

File Characteristics

Imports

advapi32

shlwapi

urlmon

rpcrt4

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 11KB

.reloc Size: 8KB - Virtual size: 6KB

.newsec Size: 4KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 11KB

.reloc
Size: 8KB - Virtual size: 6KB

.newsec
Size: 4KB - Virtual size: 4KB