ff92a9ee423fab6d01765d16965e69d5c8e3ab76ee4fa80ccd8012bba4a8926b

Sharing

Copy URL

Twitter E-mail

General

Target

ff92a9ee423fab6d01765d16965e69d5c8e3ab76ee4fa80ccd8012bba4a8926b
Size

166KB
MD5

a3c013790b78f9d80376cdb9db5ec230
SHA1

7b2c1b715e5ec01c5ab71edbb336b94f021c00a7
SHA256

ff92a9ee423fab6d01765d16965e69d5c8e3ab76ee4fa80ccd8012bba4a8926b
SHA512

4696456e158fa5394cc597bf4eeb5cba11703e1e885ba540365d4860fc58e40b229fd29b96324d8e364ac05a4ee13c6f906c2b6790d93d8f033c398e02331c16
SSDEEP

3072:8vadMKspOXTEK5VIFWmMVFenbNS+cNPOo9/ErgmhYDXv:eaGdiEmLl0bc4oghYDXv

Score

N/A

Malware Config

Signatures

Files

ff92a9ee423fab6d01765d16965e69d5c8e3ab76ee4fa80ccd8012bba4a8926b
.dll regsvr32 windows x86

574b494c8332463ebe4c17000c446ea3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetOpenW
InternetCrackUrlW
InternetReadFile
InternetSetCookieExW
HttpOpenRequestW
HttpSendRequestW
InternetConnectW

shlwapi

StrChrW
StrStrW
StrToIntW

kernel32

GetModuleHandleA
GetSystemInfo
GetProcAddress
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
CloseHandle
GetCurrentProcessId
VirtualQuery
WriteProcessMemory
GetCurrentProcess
VirtualProtect
lstrcmpiA
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
CreateSemaphoreW
OpenSemaphoreW
ResetEvent
CreateEventW
SetEvent
CreateThread
WaitForSingleObject
lstrlenW
ReleaseSemaphore
MultiByteToWideChar
lstrlenA
GetLocalTime
Sleep
WaitForMultipleObjects
DisableThreadLibraryCalls
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DeleteCriticalSection
GetShortPathNameW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
lstrcpyW
lstrcatW
InterlockedDecrement
InterlockedIncrement
FlushInstructionCache
CancelWaitableTimer
OpenWaitableTimerW
SetWaitableTimer
CreateWaitableTimerW
GetLastError
OpenEventW
lstrcpynW
lstrcmpW
GetComputerNameW
WideCharToMultiByte
GetVersionExW
GetLocaleInfoW
lstrcpyA
LocalFree
LocalAlloc
FormatMessageW
CreateFileW
ReadFile
GetFileSize

user32

wsprintfW
wsprintfA
CharNextW

advapi32

RegEnumValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

DispCallFunc
LoadRegTypeLi
SysAllocStringLen
SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
RegisterTypeLi
LoadTypeLi
SysStringLen
VariantClear
SysAllocString
VariantInit

imagehlp

ImageDirectoryEntryToData

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcrt

_except_handler3
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
strchr
strtol
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_initterm
malloc
printf
memset
__CxxFrameHandler
??2@YAPAXI@Z
time
strlen
_purecall
memcmp
memcpy
_CxxThrowException
free
_adjust_fdiv

Exports

Exports

DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

574b494c8332463ebe4c17000c446ea3

Headers

File Characteristics

Imports

wininet

shlwapi

kernel32

user32

advapi32

ole32

oleaut32

imagehlp

msvcp60

msvcrt

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 8KB