7760b32aad54f7651898185b00c88b86717299f5b73be10df14fb748c1a1e35e

Sharing

Copy URL

Twitter E-mail

General

Target

7760b32aad54f7651898185b00c88b86717299f5b73be10df14fb748c1a1e35e
Size

219KB
MD5

f5f8b92ca19e43e9893315104b473892
SHA1

97c1abd2e97ed3116d26ead856ab296ec9e298cb
SHA256

7760b32aad54f7651898185b00c88b86717299f5b73be10df14fb748c1a1e35e
SHA512

541039d91d5b3c1a918f3c17aa4b338d211c7e45b48ced020d89d6fa159614b83f91b5c8cd7ba4f4ede46938f05018c12ecc06f1e320fd52e1684607b4a86b77
SSDEEP

3072:BGNXkUVU7yAYs0S6yEath50UxlTBeH6tT3GAtga6mpPs5syiFE6GH+Co:BGNUs+yfsBh50UHTMHwT3yrmZKsC69

Score

N/A

Malware Config

Signatures

Files

7760b32aad54f7651898185b00c88b86717299f5b73be10df14fb748c1a1e35e
.dll regsvr32 windows x86

b6bfdbc4dff24dc64c2db751626201ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
Sleep
GetTempPathA
CreateSemaphoreA
GetWindowsDirectoryA
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetLastError
HeapFree
RaiseException
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
CompareStringA
CompareStringW
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
ExitProcess
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
LoadLibraryA
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount

uxtheme

GetThemeTextExtent
OpenThemeData
GetThemeBackgroundRegion
CloseThemeData
GetThemeFont

Exports

Exports

DllRegisterServer
Towardpull

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6bfdbc4dff24dc64c2db751626201ea

Headers

File Characteristics

Imports

kernel32

uxtheme

Exports

Exports

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 78KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 78KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 11KB