96abd05522d4186c8716cb4747e1404660bf6120756350ec106151b6843e8f9c

Sharing

Copy URL Twitter E-mail

General

Target

96abd05522d4186c8716cb4747e1404660bf6120756350ec106151b6843e8f9c
Size

120KB
MD5

f2de665d684c19a464ef59c9f2941a13
SHA1

41b4e7c37fed907edc9d51f575f9e3832172988e
SHA256

96abd05522d4186c8716cb4747e1404660bf6120756350ec106151b6843e8f9c
SHA512

5c7ee90b5b37e934a480c511504853bded478aaaa608643898248d36fa70123f0452a34450ea6cafc137bcc283eb305d1ca4b932f9bc062b2b6936b27f0633dc
SSDEEP

1536:Xb8yH9AERGgcG+ZKV4DgMYvhT17VSo2pvdP6CKeyoMPrr3BnVWp:XzSEg7ZZDBYd9WHtyoMP3BV

Score

N/A

Malware Config

Signatures

Files

96abd05522d4186c8716cb4747e1404660bf6120756350ec106151b6843e8f9c
.dll regsvr32 windows x86

cb3682da934b6b7acb035e66953561a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
CloseHandle
WriteFile
CreateFileA
FindClose
FindFirstFileA
SetFileTime
GetFileTime
LocalFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
InitializeCriticalSection
CompareStringW
GetModuleFileNameA
DisableThreadLibraryCalls
GetTempPathA
GetPrivateProfileSectionA
GetTickCount
lstrlenA
CompareStringA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
ReadFile
LoadLibraryA
FlushFileBuffers
SetStdHandle
GetSystemDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetWindowsDirectoryA
DeleteFileA
WritePrivateProfileStringA
GetLastError
MultiByteToWideChar
lstrlenW
SetEnvironmentVariableA
WideCharToMultiByte
SetFilePointer
GetStringTypeW
SetHandleCount
GetStringTypeA
VirtualAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
RtlUnwind
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
RaiseException
TlsAlloc
TlsFree
SetLastError
HeapAlloc
HeapFree
ExitProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter

user32

EnumChildWindows
SetWindowTextA
GetClassNameA
GetWindowTextA
wsprintfA

advapi32

RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoCreateGuid
CoInitialize
CoUninitialize

oleaut32

LoadRegTypeLi
SysStringLen
SysAllocStringLen
SysFreeString
VariantCopy
VariantChangeType
VariantClear

wininet

InternetCloseHandle
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetOpenA
InternetOpenUrlA

atl

ord16
ord15
ord23
ord31
ord18
ord57
ord32
ord58
ord21
ord30

ws2_32

htons
gethostbyname
socket
WSAStartup
sendto
recvfrom
ioctlsocket

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb3682da934b6b7acb035e66953561a3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

atl

ws2_32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 7KB