DllRegisterServer
Static task: static1
Behavioral task: behavioral1
Sample: a842378dc37fa77ae9bcff1f498efc702d4fb2cd51509b5c37b5dfb93c239ac8.dll
Resource: win7-20221111-en
General
Target: a842378dc37fa77ae9bcff1f498efc702d4fb2cd51509b5c37b5dfb93c239ac8.zip
Size: 433KB
MD5: 689604228d734082e07a7dae5b4c2753
SHA1: 41adad5f503ca1a19a1b267bc5299177980d3142
SHA256: 837fe01f463a36cc4ad5efddd4b30f6c56426aa78989f28d46870516882cacad
SHA512: 012caf0e0b86839e7ee2af7f50608bc734a723c4bd028b037acf38b6c92a01c3c015536d964c1d882ef09a1746cf09e52a2e9f5bccac7df0267689a48a90e471
SSDEEP: 12288:s4MDUzJKJ3/ma3bJMImzyI0+VpW0HE8kKhsk/1:6QIx/ma3dMIK3+0HV
Malware Config
Signatures
Files
a842378dc37fa77ae9bcff1f498efc702d4fb2cd51509b5c37b5dfb93c239ac8.zip.zip (Password: infected)
a842378dc37fa77ae9bcff1f498efc702d4fb2cd51509b5c37b5dfb93c239ac8.dll.dll regsvr32 windows x86 (Password: infected)
973d97b59b04de30192c4429f01c1ab1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapAlloc
HeapFree
HeapReAlloc
GetCommandLineA
GetProcessHeap
RaiseException
ExitThread
CreateThread
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FatalAppExitA
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
GetFileTime
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetACP
SetConsoleCtrlHandler
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetErrorMode
CreateFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetAtomNameA
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThread
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
LoadLibraryA
GlobalGetAtomNameA
GlobalAddAtomA
SetLastError
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
LoadResource
LockResource
SizeofResource
FindResourceA
ExitProcess
GetLastError
lstrlenA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
MultiByteToWideChar
InterlockedExchange
GetVersion
FreeEnvironmentStringsA
GetEnvironmentVariableW
user32
MapVirtualKeyA
IsRectEmpty
DeleteMenu
GetSystemMenu
SetParent
UnionRect
DestroyIcon
UnregisterClassA
WindowFromPoint
GetDCEx
LockWindowUpdate
SetCapture
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDialogBaseUnits
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetKeyNameTextA
CallWindowProcA
GetWindowPlacement
RegisterWindowMessageA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetClassNameA
WinHelpA
GetWindowThreadProcessId
GetActiveWindow
EqualRect
GetKeyState
GetMenu
LoadIconA
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
IsIconic
InsertMenuItemA
CreatePopupMenu
GetClassInfoA
IntersectRect
SetRectEmpty
GetLastActivePopup
BringWindowToTop
PostMessageA
SetMenu
GetDesktopWindow
TranslateAcceleratorA
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetWindowPos
ScrollWindowEx
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
CharLowerW
CharLowerA
CharUpperW
CharUpperA
UpdateWindow
EnableWindow
GetWindowLongA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
GetWindow
GetMenuState
GetMenuItemInfoA
GetSysColorBrush
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA
GetWindowDC
SendMessageA
GetMessagePos
PtInRect
GetWindowRect
LoadImageA
GetSysColor
GetSystemMetrics
CopyRect
InflateRect
DrawEdge
DrawFrameControl
DrawFocusRect
SetRect
GetParent
GetClientRect
OffsetRect
SetTimer
SetCursor
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
LoadCursorA
KillTimer
InvalidateRect
ReleaseDC
GetDC
GetCursorPos
SystemParametersInfoA
gdi32
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
GetPixel
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32A
GetCharWidthA
StretchDIBits
GetBkColor
GetTextMetricsA
BitBlt
SetTextCharacterExtra
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
CreateDIBPatternBrushPt
CreateFontA
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateCompatibleBitmap
CreateDCA
CopyMetaFileA
GetDeviceCaps
SelectObject
RoundRect
GetTextColor
GetBkMode
CreateFontIndirectA
CreateSolidBrush
GetStockObject
StretchBlt
Polygon
CreateCompatibleDC
GetObjectA
SetMapperFlags
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueA
RegCloseKey
RegCreateKeyA
shell32
DragQueryFileA
ExtractIconA
SHGetFileInfoA
DragFinish
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
ole32
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
CoTaskMemAlloc
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleDuplicateData
CoDisconnectObject
CoCreateInstance
StringFromGUID2
CLSIDFromString
ReadFmtUserTypeStg
oleaut32
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
Exports
Sections
.text Size: 464KB - Virtual size: 463KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 148KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ