f0e564112fad8867940598959399219e6f4f7b1b121302e43b5d6b999f5a6b5e

Sharing

Copy URL Twitter E-mail

General

Target

f0e564112fad8867940598959399219e6f4f7b1b121302e43b5d6b999f5a6b5e
Size

450KB
MD5

31071a362fabcc06602950e34c25e64b
SHA1

8a8ecf96864dc2e339715dc7694a561433711436
SHA256

f0e564112fad8867940598959399219e6f4f7b1b121302e43b5d6b999f5a6b5e
SHA512

62e24db57f6d1a50f59c8c52829258c62da11dbfc0539103d914b083b407bf22bd3fc2a815c583be10c098ecb64063a43af08f7880d2d22806c843fca9c03147
SSDEEP

12288:MyuNE2a4XjGHwsr9vUomncOcTXTweI29wq:Myh2a4Xj5E9PmczTXTwe59n

Score

N/A

Malware Config

Signatures

Files

f0e564112fad8867940598959399219e6f4f7b1b121302e43b5d6b999f5a6b5e
.dll regsvr32 windows x86

0673d50bb35f97039ccf82b4c4a1645f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
SetLastError
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
LoadLibraryA
GlobalFree
GlobalHandle
LockResource
VirtualAlloc
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GlobalLock
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
Sleep
TlsFree
GlobalUnlock
GetModuleFileNameW
MulDiv
lstrcmpW
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
GetLastError
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
LCMapStringA
RaiseException
VirtualFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapReAlloc
HeapDestroy
HeapCreate
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
LoadLibraryW
WideCharToMultiByte
OpenMutexW
CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
RtlUnwind

user32

SetFocus
UnregisterClassA
GetWindowLongW
CharNextW
DefWindowProcW
GetSysColor
MoveWindow
SetWindowPos
GetClientRect
ClientToScreen
ScreenToClient
GetDC
MapWindowPoints
MapDialogRect
SetWindowContextHelpId
IsWindowVisible
GetWindowRect
GetTopWindow
CreateDialogIndirectParamW
ShowWindow
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
CreateWindowExW
RegisterClassExW
LoadCursorW
GetClassInfoExW
IsWindow
SendMessageW
SetWindowLongW
GetFocus
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
DestroyWindow
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC

gdi32

GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
GetStockObject

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoTaskMemAlloc

oleaut32

DispCallFunc
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VariantChangeType
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0673d50bb35f97039ccf82b4c4a1645f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 344KB - Virtual size: 344KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 48KB - Virtual size: 48KB

.text
Size: 344KB - Virtual size: 344KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 48KB - Virtual size: 48KB