bf7c061352480a50e84ef0ade5e73763f59a47c9df19d1c282c29e27a8a800c3

Sharing

Copy URL Twitter E-mail

General

Target

bf7c061352480a50e84ef0ade5e73763f59a47c9df19d1c282c29e27a8a800c3
Size

424KB
MD5

1c7147a6fec144bdbb640d35e7693d61
SHA1

58e59785122db71377a95ad1c9b2f1f43424c062
SHA256

bf7c061352480a50e84ef0ade5e73763f59a47c9df19d1c282c29e27a8a800c3
SHA512

002101065bea55ee4c190b89146ac7c69d4edbfe0d912ba2482c38406a0f546a2cffa7a011e1dd365a9c5f4351c49e3af3d46aec59d72b9cc04a845ab1ae9842
SSDEEP

6144:kmVfBJXDOgDXKRK4QzCtqqiVyUZkZOhwIqmJFD5:FFXDOgWRiz3RVyUZkZOCIqmJv

Score

N/A

Malware Config

Signatures

Files

bf7c061352480a50e84ef0ade5e73763f59a47c9df19d1c282c29e27a8a800c3
.dll regsvr32 windows x86

67925b566a2579d246297144b32da328

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libcurl

curl_global_cleanup
curl_global_init
curl_easy_init
curl_easy_setopt
curl_formadd
curl_formfree
curl_easy_perform

kernel32

CreateTimerQueueTimer
DeleteTimerQueueTimer
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiW
InterlockedIncrement
Sleep
GetTickCount
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
CreateProcessA
CreateSemaphoreW
CloseHandle
WaitForSingleObject
ReleaseSemaphore
OpenSemaphoreW
DeleteTimerQueue
EnterCriticalSection
LeaveCriticalSection
OpenMutexW
CreateMutexW
GetACP
CreateTimerQueue
GetCurrentThreadId
SetThreadLocale
GetThreadLocale
LockResource
FindResourceExW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateFileW
TerminateThread
GetCurrentProcessId
RaiseException
WriteFile
ReadFile
GetFileSize
CreateThread
GetCommandLineW
InitializeCriticalSectionAndSpinCount
GetTempPathW
ExitProcess
GetVersionExA
GetVolumeInformationW
SetErrorMode
GetFileTime
GetWindowsDirectoryW
GetExitCodeProcess
CreateProcessW
GetSystemDirectoryW
SetFileTime
WideCharToMultiByte
LocalFree
InterlockedExchange
GetLocaleInfoA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
lstrlenW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
CreateFileA
lstrlenA
GetStringTypeA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
HeapCreate
VirtualFree
GetCommandLineA
VirtualQuery
GetSystemInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetSystemTimeAsFileTime
VirtualProtect
VirtualAlloc
GetProcAddress
GetModuleHandleA

user32

PostMessageW
FindWindowExW
ShowWindow
GetActiveWindow
GetMessageW
AllowSetForegroundWindow
GetForegroundWindow
SetWindowPos
PostThreadMessageW
CharNextW
GetKeyboardState
UnregisterClassA

advapi32

RegOpenKeyExW
GetUserNameW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoInitialize
StringFromGUID2
OleRun
CLSIDFromProgID
CLSIDFromString
CoUninitialize

oleaut32

LoadTypeLi
SysAllocStringByteLen
GetErrorInfo
VariantChangeType
RegisterTypeLi
UnRegisterTypeLi
SysFreeString
LoadRegTypeLi
SysAllocString
VarUI4FromStr
VariantInit
VariantClear
SysStringLen
SysStringByteLen

shlwapi

UrlEscapeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 340KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67925b566a2579d246297144b32da328

Headers

File Characteristics

Imports

libcurl

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 340KB - Virtual size: 337KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 340KB - Virtual size: 337KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 20KB - Virtual size: 17KB