530264d00763fe8b1d1d091d94819ca11101be55b1c049beedf9f8e9f544cbdd

Sharing

Copy URL

Twitter E-mail

General

Target

530264d00763fe8b1d1d091d94819ca11101be55b1c049beedf9f8e9f544cbdd
Size

219KB
MD5

d81525fba46c0b161d541281bf1f6665
SHA1

8e7de9b170ae08b6e9f594bfa738267cdf2640d8
SHA256

530264d00763fe8b1d1d091d94819ca11101be55b1c049beedf9f8e9f544cbdd
SHA512

023aa4a1b5005752574ec1db75d75f7be9782616cb737c752902e0f092b48b52a0d8a1c7bc7714e260c0b4eb611fe366e176683edd530d61d5ac8b09f5c56a05
SSDEEP

3072:EGNXkUVU7yAYs0S6yEath50UxlTBeH6tT3GAtga6mpPD5syiFE6GH+Co:EGNUs+yfsBh50UHTMHwT3yrmZVsC69

Score

N/A

Malware Config

Signatures

Files

530264d00763fe8b1d1d091d94819ca11101be55b1c049beedf9f8e9f544cbdd
.dll regsvr32 windows x86

b6bfdbc4dff24dc64c2db751626201ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
Sleep
GetTempPathA
CreateSemaphoreA
GetWindowsDirectoryA
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetLastError
HeapFree
RaiseException
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
CompareStringA
CompareStringW
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
ExitProcess
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
LoadLibraryA
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount

uxtheme

GetThemeTextExtent
OpenThemeData
GetThemeBackgroundRegion
CloseThemeData
GetThemeFont

Exports

Exports

DllRegisterServer
Towardpull

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6bfdbc4dff24dc64c2db751626201ea

Headers

File Characteristics

Imports

kernel32

uxtheme

Exports

Exports

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 78KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 78KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 11KB