cfe33385d49c03d7d6c4bf8048650e019de21f39826157bdfc98de833265b3b5

General

Target

cfe33385d49c03d7d6c4bf8048650e019de21f39826157bdfc98de833265b3b5
Size

13KB
MD5

2491546f9a91935b5fa9e3af0ec5a1a7
SHA1

547865786073d54a219d18d9c33a87d6b3ebb3b3
SHA256

cfe33385d49c03d7d6c4bf8048650e019de21f39826157bdfc98de833265b3b5
SHA512

a1e6232202b69710d92b43189ca7d4b545afcaa007fb2043dfa208bbc4e157037312948e4b05910f90ab84e3c2da624742b2ce4906f7647515d1a59d7139baa3
SSDEEP

384:7eXyEizohhEWEg3UI5VIzFfI6JaS0DekXc3:7uyE+ohhPtkFfI6l0CkM3

Score

N/A

Malware Config

Signatures

Files

cfe33385d49c03d7d6c4bf8048650e019de21f39826157bdfc98de833265b3b5
.dll regsvr32 windows x86

9b162d2321067ec5dd433018a5d84dae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

wininet

InternetConnectA
InternetCloseHandle
FtpGetFileA
InternetOpenA
InternetGetConnectedState

mfc42

ord665
ord1979
ord354

msvcrt

_initterm
_onexit
__dllonexit
time
srand
rand
malloc
sprintf
strlen
_EH_prolog
__CxxFrameHandler
strcat
memset
strcpy
_stricmp
strcmp
_adjust_fdiv
free

kernel32

Sleep
GetTempPathA
GetWindowsDirectoryA
GetCurrentDirectoryA
DeleteFileA
GetCommandLineA
OpenProcess
VirtualAllocEx
WriteProcessMemory
LoadLibraryA
GetProcAddress
CreateRemoteThread
GetLastError
CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
GetCurrentProcess

advapi32

LookupPrivilegeValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges

shell32

ShellExecuteA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMyOnTimeAction
DllRegisterServer
DllUnregisterServer
Dll_JustWorking

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 566B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b162d2321067ec5dd433018a5d84dae

Headers

File Characteristics

Imports

winmm

wininet

mfc42

msvcrt

kernel32

advapi32

shell32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 16KB

.reloc Size: 1024B - Virtual size: 566B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 16KB

.reloc
Size: 1024B - Virtual size: 566B