7ca6f49538572f95b65521dc39bee7aee6a7b2f6a6a9a995e4d390829a6229ad

Sharing

Copy URL

Twitter E-mail

General

Target

7ca6f49538572f95b65521dc39bee7aee6a7b2f6a6a9a995e4d390829a6229ad
Size

48KB
MD5

6843a63646dc5da86f24c8219b7aa353
SHA1

d9b23a29dd18aafb894fe3229fe68bc566dda64b
SHA256

7ca6f49538572f95b65521dc39bee7aee6a7b2f6a6a9a995e4d390829a6229ad
SHA512

13baa5b7f1ee77459afb92e5de0ce54652ad4aaaea3821a986b1127ca8ca34f263925fe04fa9509c4844e860aa338bc21f4c03922adb105ca4e629cf2efc8ef3
SSDEEP

768:DztpL0jf6jsQmbUC7ZhGfDxUmxopk2PkD/+QOmPZTykpNMSzbtaIftBDSjDx0NT8:nH0jCjsQmtSfD2waPO5MeMS9aIXDSp0+

Score

N/A

Malware Config

Signatures

Files

7ca6f49538572f95b65521dc39bee7aee6a7b2f6a6a9a995e4d390829a6229ad
.dll regsvr32 windows x86

21b2577cb34bb7bbca528841990f4eea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
Sleep
SetFileAttributesA
MoveFileA
MultiByteToWideChar
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapDestroy
CreateThread
lstrlenA
GetShortPathNameA
GetModuleHandleA
WideCharToMultiByte
WritePrivateProfileStringA
Process32Next
Process32First
RemoveDirectoryA
GetExitCodeProcess
WaitForSingleObject
ExitProcess
GetCurrentProcessId
CreateDirectoryA
GetSystemDirectoryA
CreateProcessA
CloseHandle
GetModuleFileNameA
FindFirstFileA
GetPrivateProfileStringA
DeleteFileA
FindNextFileA
GetProcAddress
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
LoadLibraryA
lstrlenW

advapi32

GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

CommandLineToArgvW
SHGetSpecialFolderPathA

ole32

CoCreateInstance
CoUninitialize
CoGetInterfaceAndReleaseStream
CoInitialize
CoMarshalInterThreadInterfaceInStream

oleaut32

VariantClear
SysAllocString
SysStringLen
LoadRegTypeLi
SysFreeString

msvcrt

fseek
_strlwr
_stricmp
_adjust_fdiv
malloc
_initterm
free
atoi
strcmp
memcmp
_purecall
memcpy
strncmp
strchr
strncpy
_wcslwr
??3@YAXPAX@Z
strstr
strrchr
sprintf
memset
strlen
fclose
fread
??2@YAPAXI@Z
ftell
_strupr
fopen
strcat
_access
strcpy
wcsstr

shlwapi

SHSetValueA
SHDeleteKeyA
SHDeleteValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetObjectType
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21b2577cb34bb7bbca528841990f4eea

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

oleaut32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

idata Size: 4KB - Virtual size: 4B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

idata
Size: 4KB - Virtual size: 4B

.reloc
Size: 4KB - Virtual size: 2KB