84395f9d50bdaed3af6b2f65ffb65c7e80d5741b374c909f0d9a77c1d1cfcb7b

Sharing

Copy URL Twitter E-mail

General

Target

84395f9d50bdaed3af6b2f65ffb65c7e80d5741b374c909f0d9a77c1d1cfcb7b
Size

152KB
MD5

8366710093e22bd086ee98a321f54470
SHA1

929511ae9af0bcfcced50c7cdb944bb547e53202
SHA256

84395f9d50bdaed3af6b2f65ffb65c7e80d5741b374c909f0d9a77c1d1cfcb7b
SHA512

868ed466e8ff7e025436e5bf980897717c23818fc687b562d06cd9d42a02427f10a8bc3bcaead39bf1b5c7167947a510eaf1094b514e0fd92edd200efe4c4b3a
SSDEEP

3072:pTZIiDNq6MW/RhNI69abSOTX3MgX4j4QXCl2Yo9ma1VUdPJD1ciPYFrXJ9:pYXWZsbbZXnio7SGdHPPQZ

Score

N/A

Malware Config

Signatures

Files

84395f9d50bdaed3af6b2f65ffb65c7e80d5741b374c909f0d9a77c1d1cfcb7b
.dll regsvr32 windows x86

f7adf5d33c50b3f4effa5cd2f0ec745c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid

netapi32

Netbios

msvcrt

tmpnam
??3@YAXPAX@Z
isalpha
wctomb
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strstr
strtok
toupper
srand
isspace
__mb_cur_max
_stricmp
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
free
malloc
tolower
ispunct
isxdigit
strerror
islower
isalnum
?what@exception@@UBEPBDXZ
wcslen
wcscmp
strtol
atoi
printf
fopen
fwrite
fclose
strchr
strncpy
_CxxThrowException
??0exception@@QAE@XZ
??1exception@@UAE@XZ
isupper
isgraph
??2@YAPAXI@Z

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

winmm

timeGetTime

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

advapi32

RegQueryValueExW
RegOpenKeyExA
RegOpenKeyExW
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegCloseKey

wininet

InternetSetOptionA
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetCloseHandle
InternetOpenUrlA

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

rpcrt4

UuidToStringA

user32

GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
DefWindowProcA
SystemParametersInfoA
SetWindowPos
wsprintfA
OpenClipboard
CloseClipboard

oleaut32

SysFreeString
SysAllocString
VariantClear
GetErrorInfo

kernel32

GetLastError
GetProcAddress
FreeLibrary
Sleep
GetVersion
GetCurrentDirectoryA
HeapFree
OpenProcess
CloseHandle
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetSystemDirectoryA
GetLocalTime
GetThreadTimes
LoadLibraryA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetModuleHandleA
lstrcpyA
GetWindowsDirectoryA
GetSystemInfo
MultiByteToWideChar
GetVersionExA
GetProcessTimes
GetCurrentProcess
GetEnvironmentVariableA
InterlockedExchange
lstrcmpiA
lstrcmpA
SleepEx
GetCurrentProcessId
CreateFileA
CreateRemoteThread
LocalFree
FormatMessageA
lstrlenA
HeapSize
HeapAlloc
GetProcessHeap
lstrcpynA
GetFullPathNameA
SetLastError
GetModuleFileNameA
GetCurrentThread
VirtualAllocEx
WriteProcessMemory

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7adf5d33c50b3f4effa5cd2f0ec745c

Headers

File Characteristics

Imports

ole32

netapi32

msvcrt

psapi

winmm

version

advapi32

wininet

shlwapi

rpcrt4

user32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 20KB - Virtual size: 24KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 20KB - Virtual size: 24KB

.reloc
Size: 8KB - Virtual size: 7KB