DllRegisterServer
KXI
MHx229
Tin22PP
Vaevy8305
Static task
static1
General
-
Target
Claim_Copy_7079.iso
-
Size
798KB
-
MD5
2ba328cbaf851edd930667f1e388e7b7
-
SHA1
cb09f2c8282a0f59c6de0ab29eb54dca05ada7df
-
SHA256
419c04546fb87ea1c5bd25edec11e10856706eb90f2d7fb269af4941397044b7
-
SHA512
bf3161255c97dae1be9550456ff1b1ccf4f71c6a2c43d07329dc00069b04ee5076cc7bffb711313d6ed3cf9a852a0d4abc5eae4c5512f56447514f4534d2a133
-
SSDEEP
12288:QjmIay70uFIAET/C+sRw9DJpApXQRihGl/ZE8Qg1C:QjmIay71XcKRw9DvOAlldQwC
Score
N/A
Malware Config
Signatures
Files
-
Claim_Copy_7079.iso.iso
Password: abc888
-
Claim_Copy.lnk.lnk
-
fathomed/campus.txt
-
fathomed/centipede.gif
-
fathomed/excerptHospitable.js.js
-
fathomed/excite.jpg.jpg
-
fathomed/goudaStereotypes.cmd
-
fathomed/pincer.db.dll regsvr32 windows x86
Password: abc888
4105c8801ba046addd9a878f42383222
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStdHandle
GetCurrentDirectoryA
CreateFileA
SetFilePointer
CloseHandle
GetLastError
PeekNamedPipe
HeapAlloc
HeapFree
GetProcessHeap
WaitForSingleObject
ExitProcess
CreateThread
GetCurrentThreadId
GetSystemDirectoryA
VirtualAlloc
GetProcAddress
LoadLibraryA
CreateNamedPipeA
GetCurrentActCtx
Exports
Exports
Sections
.text Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 161KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ