72bcdd63cdadc03d82e0f14fee4baf89269931bcfd401f39b78f5f4558341444

Sharing

Copy URL Twitter E-mail

General

Target

72bcdd63cdadc03d82e0f14fee4baf89269931bcfd401f39b78f5f4558341444
Size

124KB
MD5

cb106fe0ce41fe82e75a851f90c26713
SHA1

6828f5a0dd320cec886e46edee352019d7e80608
SHA256

72bcdd63cdadc03d82e0f14fee4baf89269931bcfd401f39b78f5f4558341444
SHA512

55adbf1c07372b3d48d71d36572c0f73d148e6a3e9849c5e443d83625fb3c4bfd9446c5de8ff59ade274e7454bfc7c64a2d909ba9e5f67c64b1d5ff1c2371656
SSDEEP

1536:cAPMNEtCDvcno5Zccjc8JUFmrZpmPA/9CvGfrw:cAPMN8ac6vJUETm4YvGfrw

Score

1^/10

Malware Config

Signatures

Files

72bcdd63cdadc03d82e0f14fee4baf89269931bcfd401f39b78f5f4558341444
.dll regsvr32 windows:4 windows x86 arch:x86

0c279afb9bbb5d3fb3a5f4b1338f26c1

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

mfc40

ord662
ord3340
ord2694
ord3580
ord4096
ord3906
ord3192
ord721
ord504
ord731
ord3185
ord3110
ord3158
ord2115
ord5630
ord1075
ord1035
ord1085
ord1097
ord4681
ord3859
ord4312
ord4450
ord2199
ord5360
ord3578
ord1539
ord3890
ord4657
ord2086
ord4608
ord5647
ord3837
ord4694
ord3314
ord4296
ord3922
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord2140
ord1850
ord4691
ord4101
ord3907
ord3134
ord570
ord706
ord762
ord486
ord315
ord4677
ord1996
ord2072
ord3724
ord5275
ord3345
ord3346
ord2106
ord5121
ord1425
ord314
ord729
ord1426
ord1014
ord421
ord3956
ord1647
ord265
ord5637
ord2894
ord5638
ord3952
ord2860
ord2916
ord3202
ord651
ord403
ord1073
ord1084
ord4046
ord4141
ord4302
ord4462
ord4176
ord5644
ord4700
ord3919
ord2861
ord4099
ord2112
ord1752
ord3709
ord2258
ord5363
ord1540
ord3881
ord4704
ord2961
ord3120
ord654
ord548
ord724
ord509
ord406
ord1986
ord2002
ord2066
ord1991
ord2007
ord1975
ord2004
ord1989
ord5352
ord2815
ord5200
ord2548
ord4173
ord2696
ord4863
ord375
ord626
ord2620
ord2960
ord2176
ord2358
ord1043
ord1071
ord2135
ord1464
ord4973
ord881
ord3827
ord4154
ord4113
ord5023
ord1873
ord4314
ord4375
ord5001
ord3611
ord4133
ord4132
ord4230
ord4124
ord4360
ord4024
ord3997
ord965
ord4441
ord4380
ord4385
ord4390
ord4122
ord4156
ord4473
ord4127
ord4117
ord4241
ord4123
ord4111
ord4110
ord4505
ord4060
ord3854
ord3844
ord3840
ord4202
ord4204
ord4201
ord3892
ord4079
ord4459
ord3898
ord4444
ord4432
ord2177
ord2963
ord5643
ord2618
ord2755
ord2844
ord3946
ord2851
ord2621
ord2695
ord3581
ord4098
ord5160
ord632
ord665
ord957
ord3452
ord426
ord381
ord4961
ord2424
ord1868
ord4737
ord267
ord4740
ord4736
ord4724
ord2223
ord2378
ord1359
ord4403
ord2451
ord5341
ord1456
ord3530
ord2081
ord4219
ord4223
ord4228
ord3873
ord3112
ord569
ord4999
ord5241
ord3335
ord1876
ord5568
ord1394
ord3049
ord5389
ord4435
ord1400
ord3714
ord1366
ord974
ord5370
ord3656
ord3028
ord615
ord362
ord810
ord4952
ord483
ord3684
ord5550
ord978
ord979
ord3431
ord5070
ord2197
ord2234
ord3963
ord5648
ord3458
ord2389
ord3945
ord2845
ord2744
ord2617
ord2843
ord2754
ord4719
ord5053
ord4703
ord4715
ord4165
ord3579
ord2097
ord4713
ord2909
ord1633
ord4627
ord3738
ord5279
ord2728
ord4070
ord733
ord1105
ord269
ord1042
ord328
ord1369
ord999
ord1000
ord711
ord671
ord1367
ord1370
ord988
ord5681
ord1046

msvcrt40

??1type_info@@UAE@XZ
free
_adjust_fdiv
_initterm
malloc
_EH_prolog
__CxxFrameHandler
wcslen
_mbsrev
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit

kernel32

lstrcmpA
LockResource
SizeofResource
LoadResource
lstrcmpiA
GlobalAlloc
GetPrivateProfileStringA
GetModuleFileNameA
lstrcpyA
GlobalLock
GlobalFree
GetProcAddress
GlobalUnlock
LocalFree
LocalAlloc
MulDiv
GetVersion
Sleep
lstrlenA
FindResourceA

user32

ReleaseDC
GetDC
LoadCursorA
GetKeyboardState
SendMessageA
SetTimer
WinHelpA
SetKeyboardState
GetWindowRect
GetSysColor
SetCursor
GetCursorPos
KillTimer
LoadBitmapA
FillRect
FrameRect
keybd_event
EnableWindow

gdi32

GetObjectA
BitBlt
CreateCompatibleDC
CreateSolidBrush
GetDeviceCaps
CreateICA
EnumFontFamiliesA

advapi32

RegOpenKeyA
RegQueryValueA
RegCloseKey

ole32

CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
LoadTypeLi
LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
_KeyStatUpDate@16

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0c279afb9bbb5d3fb3a5f4b1338f26c1

Code Sign

Signer

Headers

File Characteristics

Imports

version

mfc40

msvcrt40

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 1KB - Virtual size: 5KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 75KB - Virtual size: 74KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 1KB - Virtual size: 5KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 75KB - Virtual size: 74KB

.reloc
Size: 12KB - Virtual size: 12KB