5490b0c69f8791b592d4fdfc6cb785b7e99365c39bcabb377f61a4839f3ecebe

Sharing

Copy URL Twitter E-mail

General

Target

5490b0c69f8791b592d4fdfc6cb785b7e99365c39bcabb377f61a4839f3ecebe
Size

324KB
MD5

acef53ff79d243f98e9e0d83304b01a5
SHA1

d43d333048345053681719faa635e62b83fdc9db
SHA256

5490b0c69f8791b592d4fdfc6cb785b7e99365c39bcabb377f61a4839f3ecebe
SHA512

06a4e99b4efe3e0e0781755a5c2b1a817288fc32c6723a8a9be3edd9f608918c2b15bd8894a24d6277d02a8a15d6c533a8c3bc07fcf4e934ed7d5cab0ed5bcc5
SSDEEP

3072:CkWXSyarelc235F20J+0UOcnhY+zOdranYkKDwxIAqcyE0+GawqOqCZrAUZ7kAgo:CVSyT00UOW9zSranYtBks1Z7kAOPb

Score

N/A

Malware Config

Signatures

Files

5490b0c69f8791b592d4fdfc6cb785b7e99365c39bcabb377f61a4839f3ecebe
.dll regsvr32 windows x86

d6665f880c0d0ce49352119d0787929f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
GetLastError
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
GetLocalTime
GetSystemTime
CloseHandle
WaitForSingleObject
SetThreadLocale
GetThreadLocale
LocalFree
FormatMessageA
WriteFile
SetFilePointer
DeleteFileA
GetFileSize
CreateFileA
CreateDirectoryA
GetModuleFileNameA
GlobalDeleteAtom
Sleep
TerminateThread
GetTickCount
GetFileAttributesA
LeaveCriticalSection
GetWindowsDirectoryA
GetModuleHandleA
GetVersion
CopyFileA
GetShortPathNameA
GetCurrentThreadId
OpenProcess
WaitForSingleObjectEx
lstrlenA
CompareStringA
GetSystemDirectoryA
LoadLibraryA
SetLastError
SetEnvironmentVariableA
SetEndOfFile
FlushFileBuffers
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStrings
EnterCriticalSection
RaiseException
FreeLibrary
ReadFile
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
GetFileType
SetStdHandle
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
VirtualProtect
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetSystemTimeAsFileTime
CreateThread
ResumeThread
ExitThread
RtlUnwind
InterlockedCompareExchange
GetProcessHeap
HeapSize
GetOEMCP
ExitProcess
HeapCreate
VirtualFree
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
GetStringTypeA
LCMapStringA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
VirtualQuery
GetSystemInfo
GetACP
GetLocaleInfoA
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc

user32

UnregisterClassA

advapi32

CreateProcessAsUserW
OpenProcessToken
RegCloseKey

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CLSIDFromString
CoInitialize

oleaut32

VarDateFromStr
SysAllocStringLen
SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

shlwapi

PathFileExistsW
PathFileExistsA
PathFindFileNameW

urlmon

URLDownloadToFileA

ws2_32

recv
closesocket
shutdown
connect
setsockopt
WSAGetLastError
socket
htons
gethostbyname
ntohl
WSAStartup
WSACleanup
inet_addr
send

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6665f880c0d0ce49352119d0787929f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

urlmon

ws2_32

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 220KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 20KB - Virtual size: 16KB

.text
Size: 224KB - Virtual size: 220KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 20KB - Virtual size: 16KB