953bcd43b0584aebed91587c803ef734e6268a8a85020075bc79d6a09089e036

Sharing

Copy URL Twitter E-mail

General

Target

953bcd43b0584aebed91587c803ef734e6268a8a85020075bc79d6a09089e036
Size

92KB
MD5

ac9180e9ed860875b28ee634458021a3
SHA1

fd0af83225ab82894b2129fd788c19c8b3ee5503
SHA256

953bcd43b0584aebed91587c803ef734e6268a8a85020075bc79d6a09089e036
SHA512

dede27d883fe04913555c0f163c00e24ad4157f2039574e3f3f785b54087c621eef106d3f61b79268e5b91acc82d305ac6b95cf2d5bd9b92b1281d1be1f901f5
SSDEEP

1536:ZcdxZHSKt3iBoIfd0yvv8gpShJMEHiWfovV2L7FFq19CmUJJyWEzpRNJT7ANiZby:ej4eiBhfdvv8gpOJMECvvVoTZJyW0pz+

Score

N/A

Malware Config

Signatures

Files

953bcd43b0584aebed91587c803ef734e6268a8a85020075bc79d6a09089e036
.dll regsvr32 windows x86

dd431633aea4ce9f9da80645ae35848e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnlockFile
GetFileTime
GetTempPathW
SetHandleCount
DeleteTimerQueue
VirtualFree
CreateConsoleScreenBuffer
DeleteTimerQueueTimer
OpenMutexW
AreFileApisANSI
QueueUserAPC
BindIoCompletionCallback
lstrcpynW
SetFileApisToOEM
OpenFileMappingW
FillConsoleOutputAttribute
TryEnterCriticalSection
HeapLock
FileTimeToDosDateTime
GetCommConfig
GetDiskFreeSpaceExW
GetShortPathNameA
PostQueuedCompletionStatus
GetConsoleMode
GetHandleInformation
SetProcessWorkingSetSize
BackupWrite
CreateEventA
OpenFileMappingA
FindClose
DeleteTimerQueueEx
SizeofResource
GetSystemWow64DirectoryW
RemoveDirectoryW
SetEndOfFile
MapViewOfFileEx
AddAtomW
FindVolumeMountPointClose
SetConsoleCursorPosition
OpenProcess
VerLanguageNameW
GetBinaryTypeA
ConnectNamedPipe
ResetEvent
InterlockedExchangeAdd
GetVersionExA
CreateRemoteThread
GlobalHandle
VerSetConditionMask
GetConsoleCP
FindResourceW
CreateWaitableTimerA
TerminateThread
WaitForMultipleObjectsEx
GetFullPathNameA
HeapSetInformation
EnumResourceLanguagesA
CopyFileW
FlushViewOfFile
WideCharToMultiByte
GetFileSizeEx
MoveFileW
HeapDestroy
LoadResource
GetEnvironmentVariableW
RtlUnwind
CancelWaitableTimer
GetCompressedFileSizeW
AllocConsole
LocalUnlock
GetShortPathNameW
GetTempPathA
FindFirstChangeNotificationA
WinExec
GetThreadTimes
GetCPInfo
GetCurrentProcess
GetWindowsDirectoryW
CreatePipe
ReadFileEx
GetSystemPowerStatus
CreateIoCompletionPort
GlobalDeleteAtom
SetCommBreak
GlobalGetAtomNameA
GlobalMemoryStatus
MoveFileExW
OpenThread
GetWindowsDirectoryA
LCMapStringW
GetEnvironmentVariableA
OpenSemaphoreA
GlobalFlags
OpenJobObjectW
FreeEnvironmentStringsW
FindFirstVolumeMountPointW
GetThreadContext
GetStdHandle
GetNumberFormatW
SetDefaultCommConfigW
AddRefActCtx
lstrcmpA
UnregisterWait
SetComputerNameA
QueueUserWorkItem
GetLocalTime
GetEnvironmentStringsW
FileTimeToLocalFileTime
GetTimeFormatA
SetFileAttributesA
GetDriveTypeA
UnregisterWaitEx
lstrcmpW
ClearCommError
SetNamedPipeHandleState
GetCommandLineW
FormatMessageW
ReadDirectoryChangesW
ClearCommBreak
GetThreadPriority
CompareStringW
GetProfileIntW
GetProfileSectionA
lstrcatW
FreeResource
FindFirstVolumeW
FindResourceA
TransmitCommChar
FindAtomW
SetErrorMode
FindAtomA
SetInformationJobObject
QueryPerformanceFrequency
SetStdHandle
HeapAlloc
VirtualProtect
WaitForSingleObject
EnterCriticalSection
MoveFileA
GetLastError
CreateMutexA
DeleteFileA
WriteFile
CreateDirectoryA
ExpandEnvironmentStringsA
CreateThread
GetProcAddress
InterlockedDecrement
CreateFileMappingA
LeaveCriticalSection
GetProcessHeap
CopyFileA
UnmapViewOfFile
LoadLibraryA
CreateProcessA
GetSystemTimeAsFileTime
GetModuleFileNameA
GetModuleHandleA
ReleaseMutex
GetBinaryTypeW
HeapFree

user32

CharToOemW
SetThreadDesktop
UpdateWindow
LoadIconA
OpenInputDesktop
CharLowerBuffW
ReleaseDC
RemovePropA
ChangeDisplaySettingsExW
CharUpperBuffA
SetMenu
GetGUIThreadInfo
SetPropW
IsCharAlphaA
DrawFocusRect
GetKeyNameTextA
CharToOemA
AdjustWindowRect
LoadMenuW
DrawMenuBar
SetProcessDefaultLayout
OemToCharA
MsgWaitForMultipleObjectsEx
MessageBoxW
LoadIconW
ChangeMenuA
GetWindowLongA
ShowCaret
MessageBeep
TranslateAcceleratorA
GetSystemMenu
PostMessageW
CharPrevW
CharUpperBuffW
InSendMessage
SetMenuItemInfoA
DrawTextA
GetDlgCtrlID
UnionRect
GetClassInfoExW
DispatchMessageW
InvalidateRect
MessageBoxIndirectW
EqualRect
SetProcessWindowStation
SetPropA
SetWindowRgn
SetScrollPos
GetDlgItemInt
VkKeyScanW
PtInRect
IsWindow
CreateDialogIndirectParamW
AppendMenuW
SetDlgItemInt
GetSystemMetrics
BeginPaint
PostThreadMessageW
CheckMenuRadioItem
SetActiveWindow
IsZoomed
PostMessageA
DrawStateA
GetCaretBlinkTime
WindowFromPoint
UnpackDDElParam
AllowSetForegroundWindow
EnumDesktopsW
LoadBitmapA
OpenWindowStationA
PeekMessageW
FindWindowExW
GetMenuItemInfoW
GetCursorPos
SetWindowPlacement
GetMenuStringW
BeginDeferWindowPos
GetSysColorBrush
GetScrollRange
GetMenu
CreateIcon
SystemParametersInfoW
GetTabbedTextExtentA
LookupIconIdFromDirectory
RedrawWindow
ChildWindowFromPointEx
DrawEdge
HideCaret
DeferWindowPos
GetWindowLongW
GetAncestor
CreateDialogParamW
SetMenuItemBitmaps
FindWindowW
GrayStringW
GetWindowPlacement
SendInput
GetCaretPos
UnhookWindowsHook
CharUpperA
SetParent
AttachThreadInput
CharNextA
GetMenuState
GetMenuItemCount
AppendMenuA
EnumWindowStationsW
LoadStringA
ReuseDDElParam
FrameRect
MapWindowPoints
InternalGetWindowText
CheckDlgButton
WinHelpW
DestroyAcceleratorTable
SetWindowLongW
wsprintfW
CharLowerA
DestroyCursor
GetActiveWindow
CallWindowProcW
GetIconInfo
SetCaretPos
GetWindowThreadProcessId
PeekMessageA
FindWindowA
DispatchMessageA
UnhookWindowsHookEx
SendMessageA
SetWindowsHookExA
GetMessageA
CloseDesktop

shlwapi

StrCpyNW
PathAppendW
PathGetCharTypeW
StrToIntA
PathCompactPathW
PathRemoveExtensionW
SHRegGetValueW
PathAppendA
PathQuoteSpacesW
UrlEscapeW
StrChrIW
PathIsFileSpecW
AssocCreate
PathBuildRootW
SHRegGetUSValueW
StrStrA
PathGetArgsW
PathCompactPathExW
SHSetValueW
PathIsNetworkPathW
PathGetCharTypeA
wnsprintfW
PathAddBackslashW
AssocQueryStringW
StrDupA
PathRenameExtensionW
StrCpyW
PathFileExistsW
PathIsRootW
StrToIntExW
PathRemoveFileSpecA
PathIsURLW
PathCreateFromUrlW
PathRemoveFileSpecW
PathParseIconLocationW
PathUndecorateW
PathSetDlgItemPathW
UrlCanonicalizeW
SHDeleteKeyA
UrlUnescapeW

advapi32

LookupAccountNameA
CredReadDomainCredentialsW
GetServiceDisplayNameW
RegCreateKeyW
MapGenericMask
DeregisterEventSource
RegDisablePredefinedCache
RegDeleteValueW
NotifyBootConfigStatus
OpenProcessToken
RegCreateKeyExW
InitiateSystemShutdownW
IsTextUnicode
SetEntriesInAclW
MakeAbsoluteSD
RegDeleteKeyW
StartServiceW
CreateProcessAsUserA
ElfRegisterEventSourceW
RegEnumKeyA
StartServiceCtrlDispatcherW
RevertToSelf
RegQueryInfoKeyW
OpenSCManagerA
RegisterEventSourceA
DuplicateTokenEx
CreateServiceA
ReadEventLogA
ImpersonateLoggedOnUser
QueryServiceConfigA
EnumServicesStatusW
CredWriteW
CreateProcessWithLogonW
RegSaveKeyA
BuildTrusteeWithNameW
SaferCreateLevel
RegDeleteValueA
QueryServiceLockStatusA
RegisterServiceCtrlHandlerExA
SaferSetLevelInformation
ObjectCloseAuditAlarmW
RegCreateKeyExA
ConvertSidToStringSidA
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSecurityDescriptorSacl
RegQueryValueExA
RegUnLoadKeyW

shell32

SHGetFolderPathA
SHGetFolderPathAndSubDirW
SHAddToRecentDocs
SHGetSpecialFolderPathA
SHAppBarMessage
ShellExecuteW
SHParseDisplayName
SHGetInstanceExplorer
ShellExecuteA
SHGetFileInfoW
DragQueryFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd431633aea4ce9f9da80645ae35848e

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB