7ca974a2fbe8a211661f7b757554d81db99b4f585f2a9956ca22224c476c804a

Sharing

Copy URL Twitter E-mail

General

Target

7ca974a2fbe8a211661f7b757554d81db99b4f585f2a9956ca22224c476c804a
Size

276KB
MD5

b91fb6215859944f1f0b3edbe11b32f0
SHA1

a0c633347bae427f59d6c752a767dd6ab04cf99e
SHA256

7ca974a2fbe8a211661f7b757554d81db99b4f585f2a9956ca22224c476c804a
SHA512

7efcfe858513b30d68057c1ed1ebbf1cc4f8e0a8f9fa5e9a4355d2cf79d15eade81033620505198a5a7cdd8d56218ff9f7002d701981fb7f8ff822d8f43b1495
SSDEEP

3072:UMK2eJ17iovzD7pr3ZazSx55wIYz9Op0tJ8t6G3MG3FwanSVs7AWN3bs0CTe7:UMfMi2z4zTONd/KBTA/

Score

N/A

Malware Config

Signatures

Files

7ca974a2fbe8a211661f7b757554d81db99b4f585f2a9956ca22224c476c804a
.dll regsvr32 windows x86

4c8e82544b59b798d7a8ee55e19e24c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
SizeofResource
LoadLibraryExW
CreateThread
RaiseException
lstrcmpiW
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
MultiByteToWideChar
FindResourceW
GetModuleHandleW
GetTickCount
GetThreadLocale
WinExec
CloseHandle
WriteFile
CreateFileW
lstrlenA
OpenProcess
LoadLibraryW
GetProcAddress
lstrlenW
WideCharToMultiByte
GetLastError
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetThreadLocale
InitializeCriticalSection
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
InterlockedExchange
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
Sleep
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
VirtualAlloc
GetLocaleInfoA
LoadLibraryA
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapDestroy
HeapCreate
VirtualFree

user32

UnregisterClassA
CharNextW
PostMessageW
CharLowerW
MessageBoxW

advapi32

IsTextUnicode
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoGetClassObject

oleaut32

RegisterTypeLi
VarBstrCmp
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VarUI4FromStr
SysStringLen
LoadRegTypeLi
LoadTypeLi
VarBstrCat
VariantClear
UnRegisterTypeLi
SysAllocStringLen

rpcrt4

NdrStubForwardingFunction
NdrOleFree
NdrOleAllocate
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy

wininet

InternetSetCookieW
InternetGetCookieW

urlmon

CoInternetGetSession

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 576B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shr
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c8e82544b59b798d7a8ee55e19e24c1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

rpcrt4

wininet

urlmon

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 105KB

.orpc Size: 4KB - Virtual size: 576B

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 16KB - Virtual size: 18KB

.shr Size: 4KB - Virtual size: 1B

.rsrc Size: 96KB - Virtual size: 92KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 108KB - Virtual size: 105KB

.orpc
Size: 4KB - Virtual size: 576B

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 16KB - Virtual size: 18KB

.shr
Size: 4KB - Virtual size: 1B

.rsrc
Size: 96KB - Virtual size: 92KB

.reloc
Size: 12KB - Virtual size: 10KB