General

Malware Config

Signatures

Files

• 5d7b858e5eba4e2390b8bd40e87dfd8aaad517cf869f626a8e8287facbd2cbf4

  .dll regsvr32 windows x64

  e82832c784250120a3e3979b7c61ba7e

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  odbc32

  ord15

  ord2

  ord1

  ord150

  ord107

  ord3

  ord14

  ord9

  ord16

  ord110

  ord111

  kernel32

  GetStringTypeW

  LCMapStringW

  GetConsoleMode

  QueryPerformanceFrequency

  lstrlenW

  RaiseException

  EnterCriticalSection

  LeaveCriticalSection

  GetLastError

  InitializeCriticalSectionAndSpinCount

  DeleteCriticalSection

  GetProcAddress

  GetModuleHandleW

  GetUserDefaultLCID

  GetModuleFileNameW

  DisableThreadLibraryCalls

  VirtualAlloc

  FreeLibrary

  MultiByteToWideChar

  SizeofResource

  LoadResource

  FindResourceW

  LoadLibraryExW

  GetConsoleCP

  SetFilePointer

  IsValidCodePage

  GetLocaleInfoA

  EnumSystemLocalesA

  IsValidLocale

  SetStdHandle

  WriteConsoleW

  CreateFileW

  CloseHandle

  lstrcmpiW

  RtlLookupFunctionEntry

  GetOEMCP

  GetACP

  GetCPInfo

  LoadLibraryW

  SetConsoleCtrlHandler

  FatalAppExitA

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  GetTickCount

  QueryPerformanceCounter

  GetEnvironmentStringsW

  WideCharToMultiByte

  FreeEnvironmentStringsW

  GetModuleFileNameA

  HeapAlloc

  HeapFree

  RtlPcToFileHeader

  FlushFileBuffers

  RtlUnwindEx

  DecodePointer

  EncodePointer

  GetCurrentThreadId

  FlsSetValue

  GetCommandLineA

  ExitProcess

  WriteFile

  GetStdHandle

  HeapSetInformation

  GetVersion

  HeapCreate

  HeapDestroy

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  RtlVirtualUnwind

  RtlCaptureContext

  TerminateProcess

  GetCurrentProcess

  FlsGetValue

  FlsFree

  SetLastError

  GetCurrentThread

  FlsAlloc

  GetLocaleInfoW

  HeapReAlloc

  HeapSize

  Sleep

  SetHandleCount

  GetFileType

  GetStartupInfoW

  user32

  CharNextW

  MessageBoxA

  advapi32

  RegQueryInfoKeyW

  RegSetValueExW

  RegCloseKey

  RegDeleteValueW

  RegDeleteKeyW

  RegCreateKeyExW

  RegOpenKeyExW

  RegEnumKeyExW

  ole32

  CoTaskMemRealloc

  CoCreateFreeThreadedMarshaler

  CoInitialize

  CoCreateInstance

  StringFromGUID2

  CoTaskMemFree

  CoTaskMemAlloc

  oleaut32

  LoadTypeLi

  UnRegisterTypeLi

  VarUI4FromStr

  SysAllocString

  SysFreeString

  Exports

  Exports

  DllCanUnloadNow

  DllGetClassObject

  DllRegisterServer

  DllUnregisterServer

  Sections

  .text

  Size: 220KB - Virtual size: 219KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 79KB - Virtual size: 78KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 8KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 10KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .idata

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 186KB - Virtual size: 185KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ