9c4308a98e52b533b76ca6129d960753c2f261bef22f7e493a220721ff2ad612

Sharing

Copy URL Twitter E-mail

General

Target

9c4308a98e52b533b76ca6129d960753c2f261bef22f7e493a220721ff2ad612
Size

88KB
MD5

b655bd8c44a739ac68b92384a1000983
SHA1

09fb68b2da9f04a8ad9996dbb1ada09923a453eb
SHA256

9c4308a98e52b533b76ca6129d960753c2f261bef22f7e493a220721ff2ad612
SHA512

fe7ed25e4c03cb2fcfd634876563769e1125da1f3e4c2a138e72bc2f5adae05c0db7d6315b0db0e81ff29f0752a0cb05b78e974ac13dc73e1ccc8eabc01bf112
SSDEEP

1536:wox84FeGKhf7NMXW1wVwchY5y4/iNmICS4AJFw2La6WcrO8R:nx8MeGKhfh1OyD4NdwZmr1R

Score

N/A

Malware Config

Signatures

Files

9c4308a98e52b533b76ca6129d960753c2f261bef22f7e493a220721ff2ad612
.dll regsvr32 windows x86

45c96f1a21f5fca2488adc46a04c8885

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

ole32

CoCreateInstance
CoInitialize
CoCreateGuid

oleaut32

VariantClear
GetErrorInfo
SysAllocString

netapi32

Netbios

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetSetOptionA

user32

DefWindowProcA
wsprintfA
EnumWindows
SystemParametersInfoA
SetTimer
SetWindowPos
OpenClipboard
CloseClipboard
RegisterClassExA
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
GetClassNameA
CreateWindowExA
GetWindowThreadProcessId
ShowWindow
EnumChildWindows

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo

msvcrt

??3@YAXPAX@Z
strtok
??2@YAPAXI@Z
isgraph
free
malloc
fclose
fwrite
fopen
tmpnam
atoi
strncpy
islower
isalnum
wctomb
__mb_cur_max
srand
tolower
strerror
printf
??0exception@@QAE@ABV0@@Z
_CxxThrowException
strchr
??0exception@@QAE@XZ
??1exception@@UAE@XZ
strstr
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__CxxFrameHandler
toupper
_stricmp
isupper

kernel32

WriteProcessMemory
CreateRemoteThread
GetCurrentProcess
GetProcessTimes
lstrcmpA
FormatMessageA
LocalFree
GetFullPathNameA
SetLastError
GetLastError
lstrcmpiA
SleepEx
GetCurrentProcessId
GetModuleHandleA
GetModuleFileNameA
OpenProcess
DisableThreadLibraryCalls
GetEnvironmentStrings
VirtualAllocEx
GetProcessHeap
HeapAlloc
HeapSize
GetVersion
lstrlenA
lstrcpyA
HeapFree
GetLocalTime
GetSystemDirectoryA
DeleteFileA
CreateProcessA
WaitForSingleObject
LoadLibraryA
GetProcAddress
FreeLibrary
MoveFileExA
CreateFileA
CloseHandle
MultiByteToWideChar
Sleep
GetTickCount
FreeEnvironmentStringsA
QueryPerformanceCounter
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45c96f1a21f5fca2488adc46a04c8885

Headers

File Characteristics

Imports

rpcrt4

psapi

ole32

oleaut32

netapi32

wininet

user32

shlwapi

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 16KB - Virtual size: 15KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 16KB - Virtual size: 15KB

.reloc
Size: 4KB - Virtual size: 2KB