ee6f3a5083d6a837b0014880f22a244a3407d03a03a37438029be99806a70830

Sharing

Copy URL Twitter E-mail

General

Target

ee6f3a5083d6a837b0014880f22a244a3407d03a03a37438029be99806a70830
Size

188KB
MD5

e7ff539c20bc5c279b0805468cdf5ec8
SHA1

54452891d08d3b035ec213e016919d432e66126c
SHA256

ee6f3a5083d6a837b0014880f22a244a3407d03a03a37438029be99806a70830
SHA512

fb6f57ed4e1c4d5fe58878195e77721a8a518942cd68aa89c2d481ab9067871e857ea5269f4cae02834831fb13009af0763ecd29cee445662f1dc6ff276c7962
SSDEEP

3072:RRJHaqHOjQBHtI52Ldr/4TCpyxuK0foCBxlDtliAmaFDwIdcwNZZ8:XdaaOj6E2BwTwrK0ftDtl1maFDwIdcwO

Score

N/A

Malware Config

Signatures

Files

ee6f3a5083d6a837b0014880f22a244a3407d03a03a37438029be99806a70830
.dll regsvr32 windows x86

b0b8e539c4103bbe08ac69432e6eeca1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
InitializeCriticalSection
DisableThreadLibraryCalls
FindFirstFileW
FindNextFileW
FindClose
FormatMessageW
LocalAlloc
WaitForMultipleObjects
LoadLibraryW
GetLastError
lstrlenA
lstrcmpW
GetLocaleInfoW
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
GetModuleFileNameW
GetComputerNameW
lstrcpynW
GetModuleHandleW
GetProcAddress
lstrlenW
WaitForSingleObject
GetCurrentThreadId
CreateThread
Sleep
SetEvent
CloseHandle
CreateEventW
LocalFree
ResetEvent

shell32

StrCpyNW
StrStrW
StrChrW

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayAccessData
VariantInit
SafeArrayCreateVector
SysStringLen
LoadRegTypeLi
DispCallFunc
SysAllocString

shfolder

SHGetFolderPathW

wininet

HttpSendRequestW
HttpOpenRequestW
InternetReadFile
InternetCloseHandle
InternetCrackUrlW
InternetOpenW
InternetConnectW

atl

ord18
ord15
ord16
ord21
ord57
ord30
ord58
ord11
ord10
ord32
ord23

msvcp60

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

msvcrt

malloc
_adjust_fdiv
_initterm
??2@YAPAXI@Z
__CxxFrameHandler
time
strlen
_CxxThrowException
memcpy
_purecall
memcmp
memset
printf
strtol
strchr
free
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ

user32

wsprintfA
wsprintfW

shlwapi

StrNCatW
StrToIntW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0b8e539c4103bbe08ac69432e6eeca1

Headers

File Characteristics

Imports

kernel32

shell32

ole32

oleaut32

shfolder

wininet

atl

msvcp60

msvcrt

user32

shlwapi

Exports

Exports

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 10KB - Virtual size: 9KB