b4f9d5a431a5b44e9debee7c33dead4235c333214500042201b3a96a28b9ec17

Sharing

Copy URL Twitter E-mail

General

Target

b4f9d5a431a5b44e9debee7c33dead4235c333214500042201b3a96a28b9ec17
Size

296KB
MD5

334f9ec430da2f198e48151b2891ce09
SHA1

df01eee005fc8d60119a74cd971bce9aa51ad663
SHA256

b4f9d5a431a5b44e9debee7c33dead4235c333214500042201b3a96a28b9ec17
SHA512

0d8402748286e62dd84e192fc680095695598a4f092809694a4986cefc6e6cacd79feafc423e88f2150b26f394182a75b53279e8445fb1b76426cd7b93bb25e1
SSDEEP

6144:zu0ZQEgR48PIbxkoBVEkZNdYTmq7lgwXLmRaR:C0jgRuF9B+YdYTnlgwXLjR

Score

N/A

Malware Config

Signatures

Files

b4f9d5a431a5b44e9debee7c33dead4235c333214500042201b3a96a28b9ec17
.dll regsvr32 windows x86

1428ab7ec04cd4ae43898a218e19868c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
OleCreateFontIndirect
SysStringByteLen
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringLen
DispCallFunc
VarUI4FromStr
SysAllocString
SysAllocStringLen
VariantClear
VariantInit

kernel32

DeleteCriticalSection
lstrlenA
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
CloseHandle
ReadFile
SetFilePointer
CreateFileA
Sleep
VirtualProtect
LockResource
GetCurrentThreadId
GetProcessId
DisableThreadLibraryCalls
GetCurrentProcessId
GetProcAddress
LoadLibraryA
SetThreadLocale
GetThreadLocale
VirtualAlloc
IsBadReadPtr
VirtualFree
HeapFree
GetProcessHeap
HeapAlloc
lstrcmpA
CreateThread
VirtualQuery
WaitForSingleObject
CreateProcessA
GetTempPathA
GlobalUnlock
GlobalLock
GlobalAlloc
FlushInstructionCache
GetCurrentProcess
MulDiv
SetLastError
GetLastError
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetStartupInfoA
SetHandleCount
GetFileType
SetStdHandle
GetCurrentDirectoryA
GetFullPathNameA
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
WriteFile
ExitProcess
HeapCreate
HeapDestroy
GetCommandLineA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
RtlUnwind
GetSystemInfo
HeapReAlloc
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InterlockedCompareExchange
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
LocalFree
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSection
GetStringTypeW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetStringTypeA

user32

SetTimer
KillTimer
CreateAcceleratorTableA
IsWindow
GetDesktopWindow
GetWindow
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
GetClassNameA
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
GetSysColor
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
DefWindowProcA
SendMessageA
DestroyWindow
CreateWindowExA
GetWindowLongA
SetWindowLongA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
GetActiveWindow
GetFocus
GetSystemMetrics
ShowWindow
wsprintfA
SetForegroundWindow
SetActiveWindow
SetFocus
CharNextA
GetDlgItem
UnregisterClassA

gdi32

GetStockObject
GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject

ole32

CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
OleLockRunning
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoGetClassObject
CoInitialize
CoUninitialize
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc

urlmon

CoInternetGetSession

advapi32

RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1428ab7ec04cd4ae43898a218e19868c

Headers

File Characteristics

Imports

oleaut32

kernel32

user32

gdi32

ole32

urlmon

advapi32

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 198KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 28KB - Virtual size: 33KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 200KB - Virtual size: 198KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 28KB - Virtual size: 33KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 20KB - Virtual size: 19KB