6554ab5c181a70093fd369a755bc8ab748e97750e97f556159274ec9eea72940

Sharing

Copy URL Twitter E-mail

General

Target

6554ab5c181a70093fd369a755bc8ab748e97750e97f556159274ec9eea72940
Size

674KB
MD5

6bcece5ebbfb8f665d8a6411525f67c0
SHA1

d965274fdc826f61ac236ff969a517d3d9722cb7
SHA256

6554ab5c181a70093fd369a755bc8ab748e97750e97f556159274ec9eea72940
SHA512

1d0a9ad0b6b9e3547540fd843392f82d680231abb94156c78c7bfd95d544bd28baf2b7a5f02a3106f17d07a725ffb94040876ac6e315fe17caad8576fc726dd6
SSDEEP

6144:EP2gmlG2LR6l/CG2n37VRSp6fB2wR/5i8rD1fPOWYVUeNzDEU:s2ipmDh5iu7gzDEU

Score

N/A

Malware Config

Signatures

Files

6554ab5c181a70093fd369a755bc8ab748e97750e97f556159274ec9eea72940
.dll regsvr32 windows x86

8b271b1e51119244f8924a11a8f08bbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyW
RegDeleteKeyA
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegCreateKeyExW
RegSetValueExW
RegDeleteValueA

kernel32

FindClose
InitializeCriticalSectionAndSpinCount
DisableThreadLibraryCalls
EncodePointer
DecodePointer
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetLastError
GetCurrentThreadId
GetCurrentProcessId
FlushInstructionCache
GetCurrentProcess
SetLastError
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
GetVersion
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
HeapSize
HeapReAlloc
HeapDestroy
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InterlockedPushEntrySList
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
CompareStringW
FreeLibrary
SwitchToThread
FindResourceW
FindResourceExW
GetModuleHandleA
WideCharToMultiByte
LoadLibraryA
OutputDebugStringW
LoadLibraryW
LoadLibraryExW
LocalFree
lstrcmpiA
IsDBCSLeadByte
FindResourceA
LoadLibraryExA
GetUserDefaultLCID
GetEnvironmentVariableA
CopyFileW
CreateFileW
DeleteFileW
FindFirstFileW
FindNextFileW
RaiseException
GetProcAddress
SizeofResource
LockResource
LoadResource
GlobalFree
GetTickCount
FindNextFileA
FindFirstFileA
CompareStringA
DeleteFileA
LocalAlloc
FormatMessageA
GetFileAttributesA
CreateFileA
CopyFileA
GetTempPathA
GetTempFileNameA
GetSystemDirectoryA
GetThreadLocale
GetVersionExA
CloseHandle
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
GetTempPathW
GetTempFileNameW
GetSystemDirectoryW
GetModuleFileNameW
GetFileAttributesW
FormatMessageW
GetModuleHandleW

gdi32

MoveToEx
CreatePen
DeleteObject
GetStockObject
CreatePatternBrush
LineTo
PatBlt
SelectObject
CreateRectRgnIndirect
CreateMetaFileA
SetWindowExtEx
CreateBitmap
CloseMetaFile
DeleteMetaFile
GetDeviceCaps
LPtoDP
CreateFontIndirectW
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateFontIndirectA

oleaut32

SysFreeString
GetErrorInfo
SysAllocString
SetErrorInfo
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantClear
VarUI4FromStr
SysAllocStringLen
UnRegisterTypeLi
SafeArrayGetElement
SafeArrayCopy
RegisterTypeLi
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
OleCreatePropertyFrame
VariantInit

ole32

StringFromGUID2
DoDragDrop
OleGetClipboard
OleSetClipboard
StringFromCLSID
CoCreateGuid
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
RevokeDragDrop
CreateDataAdviseHolder
CoTaskMemFree
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateOleAdviseHolder
RegisterDragDrop

user32

MessageBoxW
LoadImageW
GetWindowTextW
DialogBoxIndirectParamW
CreateWindowExW
MessageBoxExW
CharNextA
UnregisterClassA
CharUpperW
EndDialog
GetActiveWindow
EnableWindow
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
LoadIconA
SetTimer
KillTimer
RegisterClipboardFormatA
CharNextW
UpdateWindow
GetDlgItem
WindowFromPoint
ReleaseCapture
SetWindowTextW
ReleaseDC
GetDC
ScreenToClient
GetCursorPos
GetCapture
RegisterClipboardFormatW
ClientToScreen
GetMessagePos
GetWindowRect
CallWindowProcA
DefWindowProcA
ShowWindow
GetParent
SetFocus
CreateWindowExA
LoadCursorA
GetClassInfoExA
RegisterClassExA
UnionRect
PtInRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
GetKeyState
InvalidateRect
IsWindow
DestroyWindow
IsChild
GetFocus
FillRect
GetSysColorBrush
BeginPaint
GetClientRect
EndPaint
GetSystemMetrics
SendMessageA
GetWindowLongA
SetWindowLongA
DialogBoxIndirectParamA
SendMessageW
MessageBoxA
GetWindowTextA
SetWindowTextA
LoadImageA
SetCapture
GetWindow
SetCursor

shell32

DragQueryFileA
DragQueryFileW

comdlg32

CommDlgExtendedError

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

uxtheme

SetWindowTheme

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VSDllRegisterServer
VSDllUnregisterServer

Sections

.text
Size: 538KB - Virtual size: 537KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b271b1e51119244f8924a11a8f08bbc

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

oleaut32

ole32

user32

shell32

comdlg32

comctl32

version

uxtheme

Exports

Exports

Sections

.text Size: 538KB - Virtual size: 537KB

.data Size: 11KB - Virtual size: 13KB

.rsrc Size: 55KB - Virtual size: 54KB

.reloc Size: 69KB - Virtual size: 68KB

.text
Size: 538KB - Virtual size: 537KB

.data
Size: 11KB - Virtual size: 13KB

.rsrc
Size: 55KB - Virtual size: 54KB

.reloc
Size: 69KB - Virtual size: 68KB