5c9786ee424ec48c047fa168c077e16808a607abe101c6c92c0e6d4d0246aeda

Sharing

Copy URL

Twitter E-mail

General

Target

5c9786ee424ec48c047fa168c077e16808a607abe101c6c92c0e6d4d0246aeda
Size

346KB
MD5

3efdb0532d1b5b4cafb3602c78a0f559
SHA1

10b153cb40b85ec5510e30aa1ba5039c62d7823a
SHA256

5c9786ee424ec48c047fa168c077e16808a607abe101c6c92c0e6d4d0246aeda
SHA512

68b459a47f84a6c26c3db24f674aeb7ecc85d1428861f78eb18e4c427e589796fc8ffc8cb5857b55c99e6dbe5be9b79b38a7925d0a54e43318b49c22dc37adf1

Score

N/A

Malware Config

Signatures

Files

5c9786ee424ec48c047fa168c077e16808a607abe101c6c92c0e6d4d0246aeda
.dll regsvr32 windows x86

8d447ed00781e96b81c591c009896ef3

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
CreateFileW
GetVersionExW
OpenProcess
Sleep
CloseHandle
FindResourceW
GetWindowsDirectoryW
GetModuleHandleW
GetSystemTime
QueryPerformanceCounter
GetDateFormatW
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetProcAddress
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
InterlockedFlushSList
GetLastError
FreeLibrary
LoadLibraryExW
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetProcessHeap
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointerEx
SetStdHandle
HeapSize
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
WriteConsoleW

Exports

Exports

DllRegisterServer
Mustpath
Trytogether

Sections

.text
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d447ed00781e96b81c591c009896ef3

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 251KB - Virtual size: 250KB

.rdata Size: 73KB - Virtual size: 73KB

.data Size: 10KB - Virtual size: 47KB

.gfids Size: 512B - Virtual size: 496B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 251KB - Virtual size: 250KB

.rdata
Size: 73KB - Virtual size: 73KB

.data
Size: 10KB - Virtual size: 47KB

.gfids
Size: 512B - Virtual size: 496B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 9KB - Virtual size: 8KB