6283c20e5a9cd212ff6815c2727ed4117152e3f6cb23eac9cbbb190a6420bab1

Sharing

Copy URL

Twitter E-mail

General

Target

6283c20e5a9cd212ff6815c2727ed4117152e3f6cb23eac9cbbb190a6420bab1
Size

360KB
MD5

d2acb21312e29ad85ed7bae0ef882279
SHA1

ce72c302e03276d8c93a9f8978c84b26c771dd4b
SHA256

6283c20e5a9cd212ff6815c2727ed4117152e3f6cb23eac9cbbb190a6420bab1
SHA512

56ebcc0542e345acf85b06e5eae1a3ac34c1af92a748c146634f1104068c3217df85151306a53c771742922efdb479ea8f3696ef9b93500df4bbeb2c614227cb
SSDEEP

6144:/Zthc4BZG6csAszH6P2h52jyF7bhAm0abguqqDLu96sbcm:/ZtTzG6csAszaPGioxAqnui

Score

1^/10

Malware Config

Signatures

Files

6283c20e5a9cd212ff6815c2727ed4117152e3f6cb23eac9cbbb190a6420bab1
.dll regsvr32 windows x86

d67a298daa64e215d79193476e9d2001

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetACP
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
VirtualFree
GetProcAddress
LoadLibraryW
lstrcmpiW
lstrcmpiA
HeapFree
GetProcessHeap
HeapAlloc
GetTickCount
GetFileAttributesW
SetThreadLocale
GetThreadLocale
GetTempPathW
GlobalUnlock
GlobalLock
GlobalSize
GetTimeZoneInformation
GetLocalTime
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
GetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringA
GetDriveTypeA
SetEndOfFile
CreateFileA
CreateFileW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
FlushFileBuffers
GetStartupInfoA
GetFileType
IsValidLocale
SetHandleCount
Sleep
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
GetFullPathNameW
ReadFile
GetConsoleMode
GetConsoleCP
CloseHandle
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
LoadLibraryA
HeapDestroy
HeapReAlloc
HeapSize
InterlockedExchange
GetLocaleInfoA
GetVersionExA
RtlUnwind
CreateDirectoryW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
GetCurrentThreadId
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
LCMapStringW
HeapCreate

user32

CharNextW
UnregisterClassA

advapi32

RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
IsTextUnicode

shell32

SHFileOperationW

ole32

CoInitialize
CoUninitialize
StringFromGUID2
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
GetHGlobalFromStream
CoCreateInstance

oleaut32

VariantTimeToSystemTime
SysFreeString
SysAllocString
VarUI4FromStr
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocStringLen
UnRegisterTypeLi
RegisterTypeLi
SystemTimeToVariantTime

shlwapi

PathCreateFromUrlW
UrlUnescapeA
UrlCanonicalizeA
UrlUnescapeW
UrlCanonicalizeW
StrStrIW
StrCmpNIW
StrChrW
StrStrIA
StrCpyW
StrRChrW
PathAddBackslashW
UrlIsW
PathFileExistsW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d67a298daa64e215d79193476e9d2001

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 246KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 24KB - Virtual size: 30KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 248KB - Virtual size: 246KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 24KB - Virtual size: 30KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 20KB - Virtual size: 17KB