da65670a4adc918ef2e06ca96535b0e927d6041da0d89531ca32fcd70fa9f2cb

Sharing

Copy URL Twitter E-mail

General

Target

da65670a4adc918ef2e06ca96535b0e927d6041da0d89531ca32fcd70fa9f2cb
Size

128KB
MD5

58821e77d0b854d0f3c551914b7c3c16
SHA1

4b9f6c438efb6304b0127b7b6b0e86ad30cca0cd
SHA256

da65670a4adc918ef2e06ca96535b0e927d6041da0d89531ca32fcd70fa9f2cb
SHA512

af2b68880e61166244302837a7ebe7279ba0a412121502e9c470366f54b8cfdc20dc69bad039adc2dd6a49f2ecd926f4d68ebd0fefca11371b9325f82e22a343
SSDEEP

3072:8+/XQ4WGDwjPI8KHL5eWqdilNxCBlOJkTjGc:593zHLB16l7TjGc

Score

N/A

Malware Config

Signatures

Files

da65670a4adc918ef2e06ca96535b0e927d6041da0d89531ca32fcd70fa9f2cb
.dll regsvr32 windows x86

94038e39892b9a48e51ed959860167bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

ole32

CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateInstance

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

user32

DispatchMessageA
SystemParametersInfoA
ShowWindow
CloseClipboard
OpenClipboard
wsprintfA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
KillTimer
SetTimer
DefWindowProcA
RegisterClassExA
CreateWindowExA
TranslateMessage
GetMessageA
SetWindowPos

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetReadFile

msvcrt

free
toupper
strtok
srand
strstr
fclose
fwrite
fopen
tmpnam
atoi
strtol
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
wcscmp
wcslen
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@XZ
strchr
__CxxFrameHandler
printf
ispunct
tolower
??3@YAXPAX@Z
??2@YAPAXI@Z
isupper
isgraph
__mb_cur_max
malloc
wctomb
islower
strerror
strncpy
isalnum
isxdigit
isspace
isalpha
??0exception@@QAE@ABV0@@Z
_stricmp
_CxxThrowException

rpcrt4

UuidToStringA

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegOpenKeyExA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

oleaut32

VariantClear
SysAllocString
SysFreeString
GetErrorInfo

netapi32

Netbios

kernel32

WaitForSingleObject
MoveFileExA
CreateFileA
GetLocalTime
GetCurrentProcessId
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CloseHandle
SleepEx
lstrcmpA
lstrcmpiA
InterlockedExchange
lstrcpynA
GetEnvironmentVariableA
GetVersion
HeapAlloc
HeapSize
FormatMessageA
CreateProcessA
GetFullPathNameA
SetLastError
GetWindowsDirectoryA
Sleep
GetCurrentProcess
GetProcessTimes
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryA
HeapFree
GetProcessHeap
GetLastError
GetVersionExA
MultiByteToWideChar
lstrcpyA
GetCurrentThread
GetSystemInfo
GetSystemDirectoryA
DeleteFileA
QueryPerformanceFrequency
GetCurrentDirectoryA
QueryPerformanceCounter
lstrlenA
FreeEnvironmentStringsA
GetEnvironmentStrings
LocalFree
GetThreadTimes
GetModuleFileNameA
GetModuleHandleA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94038e39892b9a48e51ed959860167bf

Headers

File Characteristics

Imports

winmm

ole32

shlwapi

user32

wininet

msvcrt

rpcrt4

advapi32

version

psapi

oleaut32

netapi32

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 16KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 16KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB