e40ea509fb612e2ad5a467b383cfa45047af71950ed0dda963a48c616518a82e

Sharing

Copy URL Twitter E-mail

General

Target

e40ea509fb612e2ad5a467b383cfa45047af71950ed0dda963a48c616518a82e
Size

68KB
MD5

66da85f4d9569754345ba58d80799ce2
SHA1

75b068a64fb346169b721c25ed4deaebb813f0c7
SHA256

e40ea509fb612e2ad5a467b383cfa45047af71950ed0dda963a48c616518a82e
SHA512

f41341ad85a9f67889581c01ac44688f3c175a552064a4495388efb9da96db6acd60a772a3b2400f63631788b992558b557f78690869c500166df6c18e97b40e
SSDEEP

1536:7wI0CKWKX8Pk7kJ+ICS4Af6einXFLaSXCi7h:X0CKWKX8PLFR6ei0OCi7

Score

N/A

Malware Config

Signatures

Files

e40ea509fb612e2ad5a467b383cfa45047af71950ed0dda963a48c616518a82e
.dll regsvr32 windows x86

f4ee10be1d4d9d15c980ed904e3b7731

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumChildWindows
DefWindowProcA
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassExA
SetWindowPos
GetClassNameA
GetWindowThreadProcessId
wsprintfA
EnumWindows
SystemParametersInfoA

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

msvcrt

_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_onexit
strstr
printf
atoi
tmpnam
fopen
fwrite
fclose
strtok
toupper
malloc
free
_stricmp
strncpy
isspace
__dllonexit
??1exception@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
strchr
_CxxThrowException
islower
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
ispunct
srand
__CxxFrameHandler
isxdigit

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

wininet

InternetOpenA
HttpQueryInfoA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetSetOptionA

advapi32

SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo

netapi32

Netbios

oleaut32

VariantClear
SysAllocString
GetErrorInfo

ole32

CoInitialize
CoCreateInstance
CoCreateGuid

rpcrt4

UuidToStringA

kernel32

LoadLibraryA
OpenProcess
MultiByteToWideChar
GetLocalTime
GetSystemDirectoryA
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
CreateFileA
lstrcmpA
GetCurrentDirectoryA
GetProcAddress
WriteProcessMemory
CreateRemoteThread
CloseHandle
FreeLibrary
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleFileNameA
GetModuleHandleA
GetVersion
DisableThreadLibraryCalls
GetProcessHeap
GetCurrentProcessId
FreeEnvironmentStringsA
GetEnvironmentStrings
GetProcessTimes
GetCurrentProcess
Sleep
VirtualAllocEx
GetLastError
SleepEx
SetLastError
lstrlenA
GetFullPathNameA
LocalFree
FormatMessageA
HeapSize
HeapAlloc
HeapFree
lstrcpynA
lstrcmpiA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4ee10be1d4d9d15c980ed904e3b7731

Headers

File Characteristics

Imports

user32

shlwapi

msvcrt

psapi

wininet

advapi32

netapi32

oleaut32

ole32

rpcrt4

kernel32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 2KB