General

Malware Config

Signatures

Files

• 7502c51fe39a1235cf78293924d164d1

  .dll regsvr32 windows:4 windows x86 arch:x86

  dff7ec28a0e4fc789e57db8bc827bc36

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetModuleHandleA

  lstrlenA

  WideCharToMultiByte

  LocalFree

  InitializeCriticalSection

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  InterlockedIncrement

  InterlockedDecrement

  lstrlenW

  GetModuleFileNameA

  lstrcmpiA

  DisableThreadLibraryCalls

  DeleteFileA

  CloseHandle

  TerminateThread

  HeapAlloc

  GetSystemInfo

  GetShortPathNameA

  lstrcmpA

  HeapDestroy

  OutputDebugStringA

  CreateThread

  Sleep

  GetTickCount

  lstrcpyA

  lstrcatA

  MultiByteToWideChar

  SetFileTime

  SystemTimeToFileTime

  GetSystemTime

  CreateFileA

  CopyFileA

  GetSystemDirectoryA

  CreateProcessA

  GetWindowsDirectoryA

  OutputDebugStringW

  GetLastError

  FindNextFileA

  FindFirstFileA

  WaitForSingleObject

  WriteFile

  ReadFile

  GetFileSize

  FreeLibrary

  GetProcAddress

  LoadLibraryA

  LocalAlloc

  GlobalFree

  GlobalAlloc

  CreateDirectoryA

  TerminateProcess

  OpenProcess

  GetVersionExA

  HeapCreate

  advapi32

  RegSetValueExA

  RegCloseKey

  RegEnumKeyExA

  RegDeleteKeyA

  RegDeleteValueA

  RegQueryInfoKeyA

  RegOpenKeyExA

  RegCreateKeyExA

  RegQueryValueExA

  gdi32

  GetDIBits

  GetObjectA

  SetBkColor

  SetMapMode

  SetTextColor

  CreateSolidBrush

  DeleteObject

  SetWindowExtEx

  SetViewportExtEx

  msvcrt

  rand

  _initterm

  _onexit

  free

  realloc

  pow

  strrchr

  fopen

  strchr

  fclose

  time

  fwrite

  abs

  atof

  atol

  memcmp

  strstr

  _mbscmp

  atoi

  _ftol

  _ismbcdigit

  _mbsnbcmp

  sprintf

  strlen

  _mbclen

  vsprintf

  _mbsrchr

  _mbsstr

  memmove

  _mbsinc

  memset

  _mbslwr

  _mbschr

  wcslen

  memcpy

  ??3@YAXPAX@Z

  ??2@YAPAXI@Z

  srand

  _CxxThrowException

  __dllonexit

  malloc

  _adjust_fdiv

  ??1type_info@@UAE@XZ

  ole32

  CoMarshalInterThreadInterfaceInStream

  CoCreateInstance

  CoGetInterfaceAndReleaseStream

  CoUninitialize

  CoInitialize

  StringFromCLSID

  CoTaskMemFree

  oleaut32

  shell32

  ShellExecuteA

  urlmon

  URLDownloadToFileA

  user32

  KillTimer

  LoadStringA

  DialogBoxParamA

  SetTimer

  OpenClipboard

  GetClipboardData

  CloseClipboard

  GetOpenClipboardWindow

  GetDC

  CopyIcon

  PeekMessageA

  TranslateMessage

  DispatchMessageA

  CloseWindow

  SetSystemCursor

  CharUpperBuffA

  LoadCursorA

  CopyImage

  CharLowerBuffA

  GetForegroundWindow

  EndDialog

  GetSystemMetrics

  GetDlgItemTextA

  SetDlgItemTextA

  GetClientRect

  FillRect

  EnumWindows

  GetClassNameA

  SetWindowsHookExA

  UnhookWindowsHookEx

  PostMessageA

  GetWindowTextA

  CallNextHookEx

  FindWindowA

  GetWindowRect

  GetDesktopWindow

  GetWindowLongA

  SetWindowPos

  MoveWindow

  GetDlgItem

  SetWindowLongA

  ShowWindow

  SetWindowTextA

  EnableWindow

  MessageBoxA

  SendMessageA

  SetForegroundWindow

  wininet

  InternetCanonicalizeUrlA

  GetUrlCacheEntryInfoA

  Exports

  Exports

  DllCanUnloadNow

  DllGetClassObject

  DllRegisterServer

  DllUnregisterServer

  iedisco

  Sections

  UPX0

  Size: 244KB - Virtual size: 244KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .avc

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE