ad5eec343aea927a8884967fb0dc9bedb11f32cbf09ece2ee1df25bf93450f51

Sharing

Copy URL Twitter E-mail

General

Target

ad5eec343aea927a8884967fb0dc9bedb11f32cbf09ece2ee1df25bf93450f51
Size

41KB
MD5

a8e3e1f5ce9e960d3f8ae75e9f7dfc99
SHA1

7a4ebfdbe81fe3375d9de64ee92ae028ffecb1ab
SHA256

ad5eec343aea927a8884967fb0dc9bedb11f32cbf09ece2ee1df25bf93450f51
SHA512

77e5f7d43223242a0da7aa5f457e2c2041412d2802c598900a37b2990f137a1cf196ed5667125f909a0270259776658afcd4a8e95a7c0ea95d892b50f770cbf0
SSDEEP

768:ulh1alqYW64RP7gRaaCjS1hNnG1bCVur4AnqxsHodErpvezSq:ulzakYW64RP7go0NnjVuU5sIG1ezSq

Score

N/A

Malware Config

Signatures

Files

ad5eec343aea927a8884967fb0dc9bedb11f32cbf09ece2ee1df25bf93450f51
.dll regsvr32 windows x86

3c12241e2933f894a8801b4d5bb9c6c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memcpy
strlen
__CxxFrameHandler
_adjust_fdiv
rename
strstr
atoi
sprintf
strcmp
_ui64toa
_wcsicmp
memchr
_stricmp
??2@YAPAXI@Z
wcsrchr
wcstombs
strncpy
_except_handler3
fclose
malloc
_initterm
free
_onexit
__dllonexit
strncat
fopen
fseek
ftell
fwrite
strcpy
strcat
??3@YAXPAX@Z
_itoa
_strupr
_strlwr

wininet

HttpSendRequestA
InternetSetOptionA
InternetQueryDataAvailable
InternetReadFile
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle

ws2_32

gethostbyname
inet_ntoa
inet_addr
WSAStartup

advapi32

CloseServiceHandle
RegOpenKeyExA
ChangeServiceConfig2A
QueryServiceStatus
ChangeServiceConfigA
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
StartServiceA
RegQueryValueExA
RegCloseKey
RegisterServiceCtrlHandlerA
SetServiceStatus
ControlService
DeleteService
OpenSCManagerA
OpenServiceA
CreateServiceA

user32

GetThreadDesktop
OpenWindowStationA
GetProcessWindowStation
SetProcessWindowStation
SetThreadDesktop
CloseDesktop
CloseWindowStation
OpenDesktopA

ole32

CoCreateGuid

kernel32

WideCharToMultiByte
FreeLibrary
CreateEventA
MultiByteToWideChar
DeviceIoControl
FindResourceA
SizeofResource
LoadResource
LockResource
SetEndOfFile
GetSystemDirectoryA
GetLogicalDrives
DeleteFileA
CreateMutexA
SetLastError
CreateToolhelp32Snapshot
Process32First
Process32Next
GetComputerNameA
GetWindowsDirectoryA
GetVersionExA
GlobalMemoryStatus
GetDriveTypeA
CreatePipe
FormatMessageA
LocalFree
CreateProcessA
PeekNamedPipe
SetFileTime
WriteFile
CreateFileA
SetFilePointer
ReadFile
CloseHandle
FindFirstFileA
FileTimeToSystemTime
FindNextFileA
GetLastError
FindClose
GetTickCount
Sleep
TerminateProcess
CreateThread
CreateDirectoryA
WinExec
InitializeCriticalSection
EnumResourceNamesA
LoadLibraryW
OpenFile
GetFileTime
WaitForSingleObject
TerminateThread
GetModuleFileNameA
GetCurrentProcessId
GetCurrentThreadId

Exports

Exports

DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c12241e2933f894a8801b4d5bb9c6c2

Headers

File Characteristics

Imports

msvcrt

wininet

ws2_32

advapi32

user32

ole32

kernel32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 405KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 405KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 3KB - Virtual size: 2KB