0d663d9687356b495ec441e25b675747

Sharing

Copy URL Twitter E-mail

General

Target

0d663d9687356b495ec441e25b675747
Size

125KB
MD5

0d663d9687356b495ec441e25b675747
SHA1

4632a16ea3da1d3abb92c30e1c347acdb455a4c7
SHA256

8fb91e1ea6a1184e63f74ed5e61cb314946ac4291a3f1e67a19ca75579706264
SHA512

eb561ea2a047dcba0568d4e0c278616303fa35fbad84d8c3796a34b987c7f78f684ee704e2e2a5e4692e593f0f8b666a3891f0290441066956cfd6d2dec74bef
SSDEEP

1536:tfo4K2cAGGmGt8aXNMxXfmTFMYM6nDP/9dTcoQhEWpLBUWJze:tfQ2cNGmy8aGVQ7zVd4oQhEaBpJze

Score

1^/10

Malware Config

Signatures

Files

0d663d9687356b495ec441e25b675747
.dll regsvr32 windows:4 windows x86 arch:x86

5040e98f1d126e1aa5604ebfab201195

Code Sign

ab:08:78:da:93:fa:8d:79:48:b7:30:ab:95:4c:00:01:46:8a:1a:df
Signer

Actual PE Digest

ab:08:78:da:93:fa:8d:79:48:b7:30:ab:95:4c:00:01:46:8a:1a:df

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
lstrlenW
lstrlenA
lstrcpyA
FlushInstructionCache
GetCurrentProcess
InitializeCriticalSection
GetCurrentThreadId
RaiseException
ExitProcess
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
LocalFree
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
TerminateProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
DisableThreadLibraryCalls
InterlockedDecrement
GetCPInfo
CloseHandle
FlushFileBuffers
SetFilePointer
SetUnhandledExceptionFilter
WriteFile
GetLastError
MultiByteToWideChar
HeapDestroy
GetEnvironmentStrings
Sleep
InterlockedExchange
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
GetCommandLineA
GetVersion
GetEnvironmentStringsW
ReadFile
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA

user32

PtInRect
CreateWindowExA
DefWindowProcA
SetCapture
ReleaseDC
GetDC
ReleaseCapture
GetCapture
SendMessageA
GetKeyState
BeginPaint
UnionRect
ShowWindow
IsChild
GetFocus
DestroyWindow
SetWindowLongA
GetWindowLongA
CallWindowProcA
SetFocus
GetParent
SetWindowRgn
IsWindow
SetWindowPos
IntersectRect
OffsetRect
EqualRect
GetClientRect
InvalidateRect
EndPaint

gdi32

MoveToEx
SetViewportOrgEx
DeleteDC
PtInRegion
GetStockObject
LineTo
Rectangle
Ellipse
SelectObject
SetTextColor
TextOutA
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetTextAlign
RestoreDC
CreateRectRgnIndirect
CreateEllipticRgn
CreatePen
CreateFontIndirectA
DeleteObject

ole32

CreateOleAdviseHolder
CoTaskMemFree
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs

oleaut32

SysStringByteLen
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringLen
LoadRegTypeLi
SysFreeString
VariantClear

atl

ord46
ord51
ord16
ord52
ord23
ord21
ord15
ord18
ord57
ord32
ord30
ord58
ord53
ord27
ord26
ord43
ord44
ord31
ord50

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5040e98f1d126e1aa5604ebfab201195

Code Sign

ab:08:78:da:93:fa:8d:79:48:b7:30:ab:95:4c:00:01:46:8a:1a:dfSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

atl

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 8KB - Virtual size: 7KB

ab:08:78:da:93:fa:8d:79:48:b7:30:ab:95:4c:00:01:46:8a:1a:df
Signer

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 7KB