890eacb1a49d606586eb585ee0738f55ac76fb3a175016ad627532425ee19dc8

Resubmissions

10-08-2023 17:07

230810-vmzqxsfe66 10

10-08-2023 16:28

230810-tym1tsfa36 10

01-02-2022 09:54

220201-lxap4sceap 10

Sharing

Copy URL

Twitter E-mail

General

Target

890eacb1a49d606586eb585ee0738f55ac76fb3a175016ad627532425ee19dc8
Size

251KB
MD5

4c35bc0bb978ae5273a27c7882483eb4
SHA1

e5fb5c5c523e872db6ffd03428f5c0dc74cc9192
SHA256

890eacb1a49d606586eb585ee0738f55ac76fb3a175016ad627532425ee19dc8
SHA512

03154958d83f22969e2967425c35c30bd3a402073819cbea4583f147fecae8ca28281f6c4af5c4c883c3d71e2d272dba066f7b524bf185e512f1092e2db520ee
SSDEEP

3072:i0WgIwbSN7hT/MO4005Cs//ubGAVsyGTqD58Vf2TIoe/vW/hDGvRR/ib10CEjq1:0gIwatT/3w0zVsyGTQ8eTmDbC1rBFak

Score

N/A

Malware Config

Signatures

Files

890eacb1a49d606586eb585ee0738f55ac76fb3a175016ad627532425ee19dc8
.dll regsvr32 windows x86

074dc58de55fa696ca96fcd56e872079

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
SetSecurityDescriptorDacl
GetAce
RegQueryValueExW
CreateProcessAsUserW
InitializeAcl
GetTokenInformation
OpenProcessToken
AddAccessAllowedAce
AddAce
InitializeSecurityDescriptor
EqualSid
RegOpenKeyExW
RevertToSelf
CopySid
AllocateAndInitializeSid
GetSecurityDescriptorDacl
RegCloseKey
LookupPrivilegeValueW
GetAclInformation
GetLengthSid
ImpersonateLoggedOnUser
DuplicateTokenEx
FreeSid

comctl32

_TrackMouseEvent

gdi32

RoundRect
SelectObject
StretchBlt
CreatePen
GetObjectW
CreateSolidBrush
GetDeviceCaps
PatBlt
GetPixel
CreatePatternBrush
CreatePalette
RealizePalette
GetLayout
SetPixel
GetDIBColorTable
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
GetTextExtentPoint32W
BitBlt
CreateHalftonePalette

kernel32

SetLastError
GetProcAddress
Sleep
LeaveCriticalSection
GetCurrentProcess
RaiseException
CreateThread
GetLastError
GetTickCount
SetEvent
GetCurrentProcessId
CloseHandle
HeapAlloc
HeapSize
HeapDestroy
OpenProcess
LocalFree
GetExitCodeProcess
DeleteCriticalSection
GetSystemDirectoryW
GetCommandLineW
GlobalFree
VerifyVersionInfoW
GetVersionExW
GetProcessHeap
ProcessIdToSessionId
OutputDebugStringW
SizeofResource
HeapReAlloc
InterlockedIncrement
FindResourceW
GlobalUnlock
LoadLibraryExW
FreeLibrary
CreateEventW
GetCurrentThreadId
GlobalLock
VirtualProtectEx
HeapFree
InterlockedDecrement
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetFileAttributesExW
GetFileAttributesW
OpenThread
InterlockedCompareExchange
LockResource
QueryPerformanceCounter
GetModuleFileNameW
IsDebuggerPresent
EnterCriticalSection
FindResourceExW
SetProcessShutdownParameters
GlobalAlloc
IsProcessorFeaturePresent
GetModuleHandleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryW
MulDiv
VerSetConditionMask
LoadResource
WaitForMultipleObjects
GetModuleHandleA

ole32

StringFromGUID2
CreateStreamOnHGlobal

shell32

CommandLineToArgvW

user32

SetForegroundWindow
SetTimer
DrawIconEx
GetClassNameW
GetSysColor
EnableMenuItem
KillTimer
GetProcessWindowStation
GetUserObjectInformationW
SetUserObjectSecurity
OpenDesktopW
GetWindowRect
CopyRect
IsWindow
DrawStateW
CloseWindowStation
SystemParametersInfoW
InflateRect
SetCursor
GetClientRect
UpdateWindow
GetWindowLongW
DrawFocusRect
GetDC
GetSystemMetrics
LoadImageW
OpenWindowStationW
SendInput
EqualRect
GetWindow
GetWindowDC
ExitWindowsEx
GetSystemMenu
FillRect
GetParent
DestroyIcon
OpenInputDesktop
GetUserObjectSecurity
EnableWindow
GetKeyState
TrackMouseEvent
GetIconInfo
SendMessageW
ScreenToClient
ReleaseDC
InvalidateRect
OffsetRect
GetFocus
LoadStringW
SetRect
SetProcessWindowStation
LoadCursorW
LoadIconW
CloseDesktop

wtsapi32

WTSOpenServerW
WTSCloseServer
WTSFreeMemory
WTSWaitSystemEvent
WTSEnumerateSessionsW
WTSQuerySessionInformationW

Exports

Exports

APEwWAH
XUcwjgK
LthH
DllGetClassObject
DllRegisterServer
cFUrsP
NNdMrcPBkR
OVqlNVYmHLr
DllUnregisterServer
QIdKkDX
DllCanUnloadNow
sIcu
oCmRfXLCWfq
KOtSMPQ
vWKAS
ILtrUjn
JjNNDN
viBSRvp

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

074dc58de55fa696ca96fcd56e872079

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

ole32

shell32

user32

wtsapi32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 213KB - Virtual size: 235KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 213KB - Virtual size: 235KB

.reloc
Size: 4KB - Virtual size: 3KB