ab5d973789b93af9944913179204358ae6ef19a050fb28d46ad13fdfebce0f93

Sharing

Copy URL

Twitter E-mail

General

Target

ab5d973789b93af9944913179204358ae6ef19a050fb28d46ad13fdfebce0f93
Size

188KB
MD5

0da414e5456f5516549edbdda497a834
SHA1

494f8a78b590dc483f57182eef5983a74ddadaa7
SHA256

ab5d973789b93af9944913179204358ae6ef19a050fb28d46ad13fdfebce0f93
SHA512

a40a9f08523ca9f69b56d03a722873858b2392bad6dcbb395aab04439194d26a33fddbaeed68404353c3d79a12b94f9c07b02b7a29402a6509064b69db6f8165
SSDEEP

3072:aRJHaqHOjQxHtI52Ldr/4TCpyxuK0foCBxlDtliAmaFDwsdQwNZZm:MdaaOjKE2BwTwrK0ftDtl1maFDwsdQwg

Score

N/A

Malware Config

Signatures

Files

ab5d973789b93af9944913179204358ae6ef19a050fb28d46ad13fdfebce0f93
.dll regsvr32 windows x86

b0b8e539c4103bbe08ac69432e6eeca1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
InitializeCriticalSection
DisableThreadLibraryCalls
FindFirstFileW
FindNextFileW
FindClose
FormatMessageW
LocalAlloc
WaitForMultipleObjects
LoadLibraryW
GetLastError
lstrlenA
lstrcmpW
GetLocaleInfoW
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
GetModuleFileNameW
GetComputerNameW
lstrcpynW
GetModuleHandleW
GetProcAddress
lstrlenW
WaitForSingleObject
GetCurrentThreadId
CreateThread
Sleep
SetEvent
CloseHandle
CreateEventW
LocalFree
ResetEvent

shell32

StrCpyNW
StrStrW
StrChrW

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayAccessData
VariantInit
SafeArrayCreateVector
SysStringLen
LoadRegTypeLi
DispCallFunc
SysAllocString

shfolder

SHGetFolderPathW

wininet

HttpSendRequestW
HttpOpenRequestW
InternetReadFile
InternetCloseHandle
InternetCrackUrlW
InternetOpenW
InternetConnectW

atl

ord18
ord15
ord16
ord21
ord57
ord30
ord58
ord11
ord10
ord32
ord23

msvcp60

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

msvcrt

malloc
_adjust_fdiv
_initterm
??2@YAPAXI@Z
__CxxFrameHandler
time
strlen
_CxxThrowException
memcpy
_purecall
memcmp
memset
printf
strtol
strchr
free
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ

user32

wsprintfA
wsprintfW

shlwapi

StrNCatW
StrToIntW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0b8e539c4103bbe08ac69432e6eeca1

Headers

File Characteristics

Imports

kernel32

shell32

ole32

oleaut32

shfolder

wininet

atl

msvcp60

msvcrt

user32

shlwapi

Exports

Exports

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 10KB - Virtual size: 9KB