4b5b064eedb7a52b11a947439643359c[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

4b5b064eedb7a52b11a947439643359c.dll
Size

805KB
MD5

4b5b064eedb7a52b11a947439643359c
SHA1

6f9882c8180e2d04f95466ad56f90aae4e6dc060
SHA256

5606f22b9eaf1690e284355551c0ed514b27d18216be1afd2aa372b28317003d
SHA512

7a785e9aac036eb7f60a6d761813f7ddc1e12f03dfa764bb8f7c0fa6180d9377802ca7bdc7102111f92cbff8955b46e4da7b189ff8fa15ec3d4df81227fc46f8
SSDEEP

12288:zuZ0VaBZTXdQfRTBZP0SBK6DjNN6+Yyd9gHg8zUXv31K5poRoMJUHUjPbs:wdKsxejNNZbug8o+2

Score

N/A

Malware Config

Signatures

Files

4b5b064eedb7a52b11a947439643359c.dll
.dll regsvr32 windows x86

810544f6d1cfc4b1abda96d46e502763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
HeapSize
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
GetACP
IsValidCodePage
GetTimeZoneInformation
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
Sleep
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RtlUnwind
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetModuleHandleW
FileTimeToSystemTime
GetOEMCP
GetCPInfo
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
WritePrivateProfileStringA
FormatMessageA
LocalFree
MulDiv
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcessId
SetLastError
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
lstrlenA
MultiByteToWideChar
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
QueryPerformanceCounter
ExitProcess

user32

IsChild
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
SetMenu
SetForegroundWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
AdjustWindowRectEx
ScreenToClient
EqualRect
SetScrollInfo
GetDlgCtrlID
CallWindowProcA
GetMenu
SetWindowLongA
IntersectRect
GetWindowPlacement
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetWindowsHookExA
GetMessageA
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
GetMessagePos
GetCapture
SystemParametersInfoA
IsWindow
RedrawWindow
DrawFrameControl
DrawFocusRect
GetParent
GetScrollPos
GetScrollRange
SetScrollPos
SetRectEmpty
IsRectEmpty
CopyRect
ReleaseDC
ReleaseCapture
SetCapture
UpdateWindow
ChildWindowFromPoint
LoadCursorA
DrawEdge
GetClassInfoA
DefWindowProcA
RegisterClassA
SetCursor
GetSysColor
InvalidateRect
MessageBeep
GetNextDlgGroupItem
SetRect
OffsetRect
FillRect
InflateRect
PtInRect
GetWindowRect
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
PostThreadMessageA
SendMessageA
LoadIconA
RegisterClipboardFormatA
DispatchMessageA
InvalidateRgn
CopyAcceleratorTableA
CharNextA
CharUpperA
GetSysColorBrush
WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
WinHelpA
RegisterWindowMessageA
CallNextHookEx
SendDlgItemMessageA

gdi32

SelectObject
DeleteDC
GetObjectA
Polyline
PolyBezier
ExtCreatePen
Polygon
Ellipse
CreateHatchBrush
CreatePalette
CreateFontIndirectA
RealizePalette
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetMapMode
IntersectClipRect
LineTo
MoveToEx
SelectClipRgn
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SelectPalette
CreateRectRgnIndirect
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
StartDocA
CreateFontA
GetDeviceCaps
StartPage
EndPage
EndDoc
AbortDoc
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
BitBlt
CreatePen
CreateSolidBrush
Rectangle
DeleteObject
GetViewportExtEx
ExtTextOutA
GetTextExtentPoint32A

msimg32

GradientFill

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
SafeArrayDestroy
SysAllocString
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime

gdiplus

GdiplusShutdown

Exports

Exports

DllRegisterClass
DllRegisterServer
DllUnregisterClass
DllUnregisterServer

Sections

.text
Size: 466KB - Virtual size: 466KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

810544f6d1cfc4b1abda96d46e502763

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

Exports

Exports

Sections

.text Size: 466KB - Virtual size: 466KB

.rdata Size: 97KB - Virtual size: 97KB

.data Size: 14KB - Virtual size: 29KB

.rsrc Size: 161KB - Virtual size: 160KB

.reloc Size: 65KB - Virtual size: 65KB

.text
Size: 466KB - Virtual size: 466KB

.rdata
Size: 97KB - Virtual size: 97KB

.data
Size: 14KB - Virtual size: 29KB

.rsrc
Size: 161KB - Virtual size: 160KB

.reloc
Size: 65KB - Virtual size: 65KB