9bb172370d3b358ff60ecf39a9c82b6487194071379ec919cff44e9e4791a7ca

Sharing

Copy URL Twitter E-mail

General

Target

9bb172370d3b358ff60ecf39a9c82b6487194071379ec919cff44e9e4791a7ca
Size

544KB
MD5

1cdeae0597fb43fc7f5d3d5f0a79efa2
SHA1

9fcd31939551a7b27eccd69abc72afe13bb95119
SHA256

9bb172370d3b358ff60ecf39a9c82b6487194071379ec919cff44e9e4791a7ca
SHA512

87a440140251e9a8659706ee9572c36850a59e6a11bed18f8d8f9aec56181a2772e83f7791d37c6a5cd2f478e0e8cf302c217a6d71c68d3b4a390007de047055
SSDEEP

12288:MmxkWsn/SFE3OBnHsNDfTa81tDojwVyK4MZc9T5:M1n/LOxsNDbHGwc4e9T

Score

N/A

Malware Config

Signatures

Files

9bb172370d3b358ff60ecf39a9c82b6487194071379ec919cff44e9e4791a7ca
.dll regsvr32 windows x86

a894fa972395c9d8bea8ec2c652248af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
HeapAlloc
FlushInstructionCache
GetCurrentProcess
lstrcmpA
GetLocalTime
ReadFile
SetFilePointer
SetEndOfFile
GetFileSize
CreateDirectoryA
GetSystemDirectoryA
GetTickCount
WritePrivateProfileStringA
GetPrivateProfileStringA
GetProcAddress
GetTempFileNameA
GetTempPathA
WaitForSingleObject
TerminateThread
CreateThread
GetSystemInfo
lstrcatA
CompareStringA
lstrcmpiW
SetStdHandle
FlushFileBuffers
GlobalUnlock
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualFree
HeapCreate
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetCPInfo
GetOEMCP
GetCommandLineA
TerminateProcess
ExitProcess
VirtualQuery
VirtualAlloc
VirtualProtect
RtlUnwind
HeapSize
HeapReAlloc
GlobalMemoryStatus
FormatMessageA
LocalFree
HeapDestroy
GlobalAlloc
GlobalHandle
GlobalFree
GetCurrentThreadId
CreateFileA
WriteFile
SetLastError
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
IsDBCSLeadByte
LoadLibraryA
FreeLibrary
DeleteFileA
MulDiv
lstrcpynA
InterlockedExchange
GetModuleFileNameA
GetModuleHandleA
lstrcpyA
lstrlenW
lstrcmpiA
CloseHandle
lstrlenA
GetProcessHeap
HeapFree
GetLastError
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP

user32

IntersectRect
MessageBoxA
IsDialogMessageA
CopyAcceleratorTableA
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx
PostMessageA
GetDialogBaseUnits
ReleaseDC
GetDC
UnregisterClassA
DestroyWindow
CharNextA
DestroyCursor
DrawTextA
GetSysColor
SetWindowLongA
SendDlgItemMessageA
GetNextDlgTabItem
SetTimer
KillTimer
DialogBoxIndirectParamA
CharLowerA
GetActiveWindow
GetClassLongA
EndDialog
MapWindowPoints
GetWindowRect
SetRectEmpty
CreateCursor
UpdateWindow
GetCapture
SetCursor
ScreenToClient
GetCursorPos
GetDlgCtrlID
DrawFocusRect
IsWindowEnabled
EqualRect
OffsetRect
SystemParametersInfoA
IsChild
SendMessageA
GetParent
GetFocus
SetFocus
GetWindow
IsWindow
GetKeyState
ShowWindow
GetDlgItem
CreateDialogIndirectParamA
RegisterClassExA
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
DefWindowProcA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
GetWindowLongA
EnumChildWindows
DestroyAcceleratorTable
ReleaseCapture
SetCapture
FillRect
GetClientRect
InvalidateRect
InvalidateRgn
SetWindowRgn
UnionRect
PtInRect
MapDialogRect
SetWindowContextHelpId
wsprintfA
CreateWindowExA
CreateAcceleratorTableA
GetClassNameA
SetWindowPos
RedrawWindow
BeginPaint
EndPaint
CallWindowProcA
GetDesktopWindow

gdi32

DeleteObject
SetMapMode
SaveDC
LPtoDP
CreateDCA
SetBkColor
GetObjectA
GetTextExtentPointA
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateRectRgnIndirect
CloseMetaFile
SetWindowExtEx
CreateMetaFileA
GetTextMetricsA
SelectObject
CreateFontIndirectA
GetDeviceCaps
SetBkMode
SetTextColor
Rectangle
GetStockObject
RestoreDC
DeleteDC
SetViewportOrgEx
CreateSolidBrush
DeleteMetaFile
SetWindowOrgEx

advapi32

RegEnumKeyExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyA
RegQueryValueA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

SHGetPathFromIDListA
ShellExecuteA
SHGetMalloc
SHGetFileInfoA
CommandLineToArgvW
SHBrowseForFolderA

ole32

CoTaskMemAlloc
CoCreateGuid
CreateBindCtx
CoTaskMemRealloc
CoGetMalloc
StringFromGUID2
OleUninitialize
CLSIDFromString
CoCreateInstance
OleLockRunning
OleRegGetUserType
CreateDataAdviseHolder
CreateOleAdviseHolder
OleLoadFromStream
WriteClassStm
OleSaveToStream
CoTaskMemFree
StringFromCLSID
CoGetClassObject
OleRegEnumVerbs
CLSIDFromProgID
OleInitialize
CreateStreamOnHGlobal
OleRegGetMiscStatus

oleaut32

CreateErrorInfo
SysFreeString
VarBstrCmp
RegisterTypeLi
UnRegisterTypeLi
SetErrorInfo
OleCreatePropertyFrame
SysAllocStringByteLen
DispCallFunc
VariantChangeType
SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringLen
SysStringByteLen
SysAllocString
OleTranslateColor
VariantInit
VariantClear
VarUI4FromStr

shlwapi

PathIsDirectoryA
PathFindExtensionA

comctl32

_TrackMouseEvent

urlmon

CreateURLMoniker

ws2_32

setsockopt
getsockname
getsockopt
inet_ntoa
WSASetLastError
ntohs
sendto
inet_addr
ntohl
recv
WSAAsyncGetHostByName
htons
htonl
connect
send
WSAStartup
closesocket
socket
WSAAsyncSelect
getpeername
WSARecvFrom
WSASendTo
WSARecv
WSASend
recvfrom
listen
shutdown
WSAGetLastError
bind
accept
WSACancelAsyncRequest

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

iphlpapi

GetIpAddrTable
GetAdaptersInfo

wininet

FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
GetVersionDword

Sections

.text
Size: 416KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a894fa972395c9d8bea8ec2c652248af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

urlmon

ws2_32

version

iphlpapi

wininet

Exports

Exports

Sections

.text Size: 416KB - Virtual size: 414KB

.bss Size: - Virtual size: 4.0MB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 40KB - Virtual size: 36KB

.text
Size: 416KB - Virtual size: 414KB

.bss
Size: - Virtual size: 4.0MB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 40KB - Virtual size: 36KB