7b0114fb42df7d4bc955c7ab2db8b73121d3dda2df09375add956c6bcd95f691

Sharing

Copy URL Twitter E-mail

General

Target

7b0114fb42df7d4bc955c7ab2db8b73121d3dda2df09375add956c6bcd95f691
Size

84KB
MD5

8efdc19ffa3db4819bcffca335641440
SHA1

ef8736fe2b8daaece95fb70266606be04f17080b
SHA256

7b0114fb42df7d4bc955c7ab2db8b73121d3dda2df09375add956c6bcd95f691
SHA512

fa8d4b3a7e8f8f425277f7f5d3f1f9501a87e6f6568d48ffe70290b4e508425e1846f6c4a2446a7a2bbfeddd3680b04cb68a14fb7dec47e52f49c9df21a7b1cb
SSDEEP

1536:TtaXaVmWn1sjwJIs1w6dXPd5weFGMgSICS4A5JeLt6ruNLaBFp/JUV:TMql1sjUhPd5ts3xnJeLtTsBzGV

Score

N/A

Malware Config

Signatures

Files

7b0114fb42df7d4bc955c7ab2db8b73121d3dda2df09375add956c6bcd95f691
.dll regsvr32 windows x86

2e26c532f9de31e56c04e28f91842f7c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoCreateGuid
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

wininet

InternetOpenUrlA
HttpQueryInfoA
InternetSetOptionA
InternetOpenA
InternetReadFile
InternetCloseHandle

user32

GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
SetTimer
DefWindowProcA
wsprintfA
EnumWindows
CreateWindowExA
RegisterClassExA
SystemParametersInfoA
SetWindowPos
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
KillTimer

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo

msvcrt

wcslen
__CxxFrameHandler
_CxxThrowException
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
??1exception@@UAE@XZ
wcscmp
strtok
fclose
fwrite
fopen
tmpnam
atoi
isgraph
islower
free
malloc
??0exception@@QAE@ABV0@@Z
isalpha
srand
printf
strchr
tolower
isxdigit
isspace
strstr
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
??3@YAXPAX@Z
??2@YAPAXI@Z
strncpy
_stricmp
toupper
isalnum

netapi32

Netbios

oleaut32

SysFreeString
SysAllocString
VariantClear
GetErrorInfo

kernel32

SleepEx
GetCurrentProcessId
SetLastError
GetWindowsDirectoryA
DisableThreadLibraryCalls
lstrcpyA
lstrlenA
GetCurrentDirectoryA
GetEnvironmentVariableA
GetFullPathNameA
lstrcpynA
GetLocalTime
FormatMessageA
LocalFree
MultiByteToWideChar
Sleep
InterlockedExchange
GetProcessTimes
GetModuleHandleA
GetSystemDirectoryA
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
HeapAlloc
HeapSize
GetVersion
GetVersionExA
CreateFileA
GetModuleFileNameA
GetProcessHeap
GetLastError
HeapFree
QueryPerformanceCounter
WriteProcessMemory
GetProcAddress
VirtualAllocEx
LoadLibraryA
OpenProcess
GetCurrentProcess
GetTickCount
FreeLibrary
CloseHandle
CreateRemoteThread
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e26c532f9de31e56c04e28f91842f7c

Headers

File Characteristics

Imports

rpcrt4

shlwapi

version

ole32

psapi

wininet

user32

advapi32

msvcrt

netapi32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 16KB - Virtual size: 16KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 16KB - Virtual size: 16KB

.reloc
Size: 4KB - Virtual size: 3KB