fb3a40e249ebffa480b40c6cddb2c2b7b9838236bf36d9f8d2f575c859e6e82d

Sharing

Copy URL

Twitter E-mail

General

Target

fb3a40e249ebffa480b40c6cddb2c2b7b9838236bf36d9f8d2f575c859e6e82d
Size

143KB
MD5

50c4de83c454b6189ff3790725b0cdaa
SHA1

1eded9bc8ef849de0b17ecaac93fbda8f148f3f4
SHA256

fb3a40e249ebffa480b40c6cddb2c2b7b9838236bf36d9f8d2f575c859e6e82d
SHA512

45241bacc22c435b491f7f8fb1ace3184a55f67755170e3cb620f7c80decbc83192bdb814958d8df5caaf105d9c68532caa75b7e6620114b076d652849860712

Score

N/A

Malware Config

Signatures

Files

fb3a40e249ebffa480b40c6cddb2c2b7b9838236bf36d9f8d2f575c859e6e82d
.dll regsvr32 windows x86

15d51f4086765953faf8b9767eeeac1f

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetFileAttributesW
Sleep
CloseHandle
CreateProcessW
FlushFileBuffers
HeapReAlloc
HeapSize
WriteConsoleW
GetStringTypeW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
CreateFileW
GetFileType
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
WriteFile
GetConsoleCP
GetConsoleMode
HeapFree
SetStdHandle
SetEndOfFile
ReadFile
ReadConsoleW
SetFilePointerEx
GetStdHandle
LCMapStringW
DecodePointer

user32

SetWinEventHook
UnhookWinEvent

ole32

CoInitialize
CoTaskMemFree
CoRegisterClassObject
CoTaskMemAlloc
CoUninitialize
CoRegisterSurrogate

oleacc

GetRoleTextW
AccessibleObjectFromEvent
GetOleaccVersionInfo
AccessibleObjectFromWindow

oleaut32

SafeArrayDestroyData
SysAllocString
SafeArrayCreateVectorEx
SysReAllocStringLen
SysStringLen
SafeArrayDestroyDescriptor
SysAllocStringLen
SafeArrayAllocDescriptorEx
SysFreeString
SafeArrayCreateEx
SafeArraySetRecordInfo
SysReAllocString
SafeArrayRedim

Exports

Exports

DllRegisterServer
Smilethere

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15d51f4086765953faf8b9767eeeac1f

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

oleacc

oleaut32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 128KB

.data Size: 5KB - Virtual size: 78KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 128KB - Virtual size: 128KB

.data
Size: 5KB - Virtual size: 78KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB