886bc574478ffe6e12e05d6d5cb9425607144ecc90ef909853ad6bc96e67b718

Sharing

Copy URL Twitter E-mail

General

Target

886bc574478ffe6e12e05d6d5cb9425607144ecc90ef909853ad6bc96e67b718
Size

88KB
MD5

edad92c13439e9be8f6bdeb4e1ba91d2
SHA1

9aaf33962ed6ff4bf6fdb6034872e694b3e8a417
SHA256

886bc574478ffe6e12e05d6d5cb9425607144ecc90ef909853ad6bc96e67b718
SHA512

3d9942f9180e0442d40a82f1a2c411859b0f8c712a4cbbdd1db0d9e0cdf610a21878de10c2b99b0763aea7cfb537b7b8aa98068c6e3404a55086a8d63eef400b
SSDEEP

1536:14aVNk4SNH3mtqXdN5l6+wg7ADxEty1Qi4fKtkUZmikqb/oVXHNkdO4:Xm1NXVXn5GDxEt0ef6tJ/oFHN54

Score

N/A

Malware Config

Signatures

Files

886bc574478ffe6e12e05d6d5cb9425607144ecc90ef909853ad6bc96e67b718
.dll regsvr32 windows x86

c54a960ddf437c12d3796b2780ff3399

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingW
LockFile
GetSystemDirectoryA
CreateMailslotA
ReleaseSemaphore
GetAtomNameW
GetLogicalDriveStringsW
SetConsoleCursorPosition
GetExitCodeProcess
GetWindowsDirectoryW
GetFileSizeEx
LockResource
FindAtomA
FreeConsole
lstrcatA
QueueUserWorkItem
SetConsoleWindowInfo
EnumResourceNamesA
CompareStringA
SetHandleCount
LocalUnlock
EnumResourceNamesW
GetCurrentThreadId
DisconnectNamedPipe
SetFileAttributesA
CreateMutexW
VirtualFree
ReadConsoleW
LocalReAlloc
GlobalFree
SetInformationJobObject
GetVersion
SetEnvironmentVariableA
GetCurrentProcess
GlobalAddAtomA
ClearCommError
SetVolumeLabelW
GetDefaultCommConfigW
GetDateFormatW
GlobalFindAtomW
GetEnvironmentStrings
HeapValidate
MultiByteToWideChar
SetEvent
MapViewOfFileEx
GlobalHandle
GetTimeFormatA
GetProcessAffinityMask
GetFileAttributesExW
OpenMutexW
GetLocaleInfoW
ChangeTimerQueueTimer
SetComputerNameA
RtlUnwind
GetVolumeNameForVolumeMountPointW
GetShortPathNameA
GetCurrentDirectoryW
IsBadHugeReadPtr
SetConsoleTitleA
CreateJobObjectW
IsBadCodePtr
PurgeComm
InterlockedExchangeAdd
SearchPathW
GetUserDefaultLCID
VirtualAlloc
GetNumberFormatA
DeleteTimerQueueEx
IsBadStringPtrA
LCMapStringA
GetSystemWindowsDirectoryA
AssignProcessToJobObject
GetThreadTimes
GetComputerNameW
GetModuleFileNameW
SetConsoleCtrlHandler
DeleteCriticalSection
FlushViewOfFile
ReadDirectoryChangesW
HeapReAlloc
VerifyVersionInfoW
RegisterWaitForSingleObject
GetDriveTypeA
ReadConsoleInputW
EnumResourceLanguagesA
GetModuleHandleW
FindFirstFileExW
LocalAlloc
WinExec
FindNextFileA
GetVersionExA
FormatMessageW
FindNextFileW
GlobalDeleteAtom
SuspendThread
UnregisterWait
IsValidLocale
WriteProfileStringA
WaitForMultipleObjectsEx
GetStringTypeA
WriteProcessMemory
GetFileTime
HeapLock
ConvertDefaultLocale
GetBinaryTypeA
FindNextChangeNotification
GetThreadContext
FormatMessageA
CompareFileTime
PulseEvent
GetCommandLineW
GetDriveTypeW
LoadResource
OpenSemaphoreW
HeapUnlock
SetLastError
LocalFlags
lstrcmpA
GlobalReAlloc
UnlockFileEx
lstrlenW
MoveFileExA
GlobalMemoryStatusEx
GetSystemDefaultLangID
GetSystemDirectoryW
SetProcessWorkingSetSize
CreateNamedPipeW
LCMapStringW
ReleaseMutex
CreateFileA
CreateThread
CreateFileMappingA
VirtualQuery
CreateDirectoryA
DeleteFileA
UnmapViewOfFile
LeaveCriticalSection
LocalFree
WaitForSingleObject
GetLastError
GetCurrentProcessId
CopyFileA
ReadFile
InterlockedDecrement
InterlockedExchange
InitializeCriticalSection
GetProcAddress
CreateMutexA
InterlockedIncrement
CloseHandle
GetComputerNameA
MapViewOfFile
EnterCriticalSection
LoadLibraryA
GlobalAlloc
SetSystemTime
GetSystemTimeAsFileTime

user32

WaitMessage
IsDialogMessageA
SetScrollInfo
CreateAcceleratorTableA
DestroyCursor
VkKeyScanA
UnpackDDElParam
UpdateWindow
GetUpdateRgn
WindowFromPoint
MessageBoxExW
EnumWindowStationsW
OffsetRect
PostThreadMessageA
CharNextW
HideCaret
ScreenToClient
GetIconInfo
DefDlgProcW
EnumDisplaySettingsA
ScrollWindowEx
IsZoomed
DrawTextW
LoadAcceleratorsA
GetScrollBarInfo
GetCapture
PeekMessageW
ChangeDisplaySettingsA
DefDlgProcA
IsDlgButtonChecked
SetCursor
BroadcastSystemMessageW
CreateDialogIndirectParamW
GetWindowTextLengthA
EnableScrollBar
DeferWindowPos
GetMenuState
IsCharAlphaA
CharUpperA
LoadBitmapA
GetMenuItemCount
RemoveMenu
GetSysColor
OemToCharA
GetCursorPos
DialogBoxParamW
SendDlgItemMessageA
LoadStringA
SetMenuItemInfoA
GetScrollPos
MapVirtualKeyExW
GetWindowTextW
LookupIconIdFromDirectory
GetMenuItemID
CharUpperBuffA
CharLowerA
VkKeyScanW
FindWindowExA
UnregisterHotKey
FillRect
IsWindowVisible
GetDC
ToAsciiEx
CharNextA
SetProcessDefaultLayout
ChangeDisplaySettingsW
SetWindowLongA
CharPrevW
GetWindowTextLengthW
GetWindowPlacement
GetInputState
MsgWaitForMultipleObjectsEx
ToUnicodeEx
SetMessageQueue
LoadIconW
MonitorFromPoint
SetDlgItemTextW
GetClassInfoExW
GetSysColorBrush
PostMessageA
GetWindowLongW
DrawEdge
TabbedTextOutA
EndDeferWindowPos
ShowWindowAsync
SendDlgItemMessageW
InsertMenuItemA
SetMenu
SetWindowPlacement
FindWindowW
LoadCursorA
SetWindowContextHelpId
CallWindowProcA
ToAscii
UnregisterClassW
GetDesktopWindow
GetComboBoxInfo
SendMessageTimeoutA
CheckMenuItem
CreateIcon
GetAsyncKeyState
GetUpdateRect
EnumDisplaySettingsW
SystemParametersInfoW
SetMenuItemInfoW
EqualRect
DefMDIChildProcA
SetClassLongW
GetShellWindow
SendMessageW
DispatchMessageA
GetMessageA
PeekMessageA
FindWindowA
SendMessageA
SetWindowsHookExA
GetClassNameA
GetWindowThreadProcessId
UnhookWindowsHookEx
GetMenu

shlwapi

StrRetToStrW
StrChrW
PathIsUNCServerShareW
UrlCreateFromPathW
StrRetToBufW
PathAddBackslashW
AssocQueryStringW
PathFindExtensionW
SHDeleteValueW
PathRemoveExtensionW
PathIsUNCServerW
SHRegGetValueW
StrChrIW
SHSetValueA
StrToIntExW
PathIsFileSpecW
PathUndecorateW
SHRegGetUSValueW
StrToIntA
PathStripPathW
PathParseIconLocationW
PathFindFileNameW
StrCmpIW
PathFileExistsA
StrDupA
PathGetDriveNumberW
PathSkipRootW
PathMakePrettyW
AssocCreate
StrStrIW
SHRegSetUSValueW
UrlUnescapeW

advapi32

RegOpenKeyExA
RegEnumKeyW
RevertToSelf
CloseEventLog
RegDeleteValueA
RegConnectRegistryW
GetUserNameA
RegCreateKeyA
ClearEventLogW
DuplicateToken
RegOpenCurrentUser
RegLoadKeyW
RegSaveKeyExW
ChangeServiceConfigW
GetServiceKeyNameW
RegEnumValueA
QueryServiceConfig2W
GetAclInformation
EnumDependentServicesW
LockServiceDatabase
RegReplaceKeyW
CreateServiceW
RegEnumKeyA
RegFlushKey
StartServiceW
OpenThreadToken
OpenEventLogW
MapGenericMask
GetSecurityDescriptorSacl
RegQueryValueExA
RegQueryInfoKeyA
RegCloseKey
RegSetValueExA
SetNamedSecurityInfoA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegSetValueExW

shell32

SHSetLocalizedName
ExtractIconW
SHBrowseForFolderW
ShellExecuteExW
SHFormatDrive
ExtractIconExW
DragQueryFileW
SHGetSpecialFolderPathA
ShellExecuteExA
SHBrowseForFolderA
SHGetFolderPathW
SHAddToRecentDocs
DragFinish
DragQueryFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c54a960ddf437c12d3796b2780ff3399

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB