d47d8211eb178677e19e76ff97b3c887d80e9c7943fbf5613cfaec7a4841765a

Sharing

Copy URL

Twitter E-mail

General

Target

d47d8211eb178677e19e76ff97b3c887d80e9c7943fbf5613cfaec7a4841765a
Size

4.7MB
MD5

6c8b8f13caa64477e97bc1451f699485
SHA1

d6eff2106f875d2e9bd54269aa99d12e1de723b5
SHA256

d47d8211eb178677e19e76ff97b3c887d80e9c7943fbf5613cfaec7a4841765a
SHA512

595cdcd6ce862a9f23afff8569341eb0a5ca143b7ffbc7853b4099c5072c4ebd59fd9fec186de63282903b44b6863d1bab9734a09fe498e17491c72c2e0c5e5e
SSDEEP

98304:Gt9qzj5xKohA02gpT5wFDbXSQjynDh0q9:sGKorDwFDbQD7

Score

N/A

Malware Config

Signatures

Files

d47d8211eb178677e19e76ff97b3c887d80e9c7943fbf5613cfaec7a4841765a
.dll regsvr32 windows x86

5909280e03e398540d59a911bc2ad0fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
GlobalUnlock
GlobalSize
GlobalLock
GlobalAlloc
GlobalFree
GetModuleHandleW
lstrlenW
GetModuleFileNameW
LocalFree
CloseHandle
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
DeleteFileW
CopyFileW
CreateDirectoryW
GetPrivateProfileStringW
InterlockedExchange
RaiseException
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetVersionExW
Sleep
EnterCriticalSection
LeaveCriticalSection
GetTempPathW
GlobalFindAtomW
CreateFileW
lstrcmpiW
GetFileSize
GetFileSizeEx
CompareStringW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
WideCharToMultiByte
GetLocalTime
WritePrivateProfileSectionW
GetSystemTime
GetTickCount
MulDiv
GetSystemDirectoryW
GetFileAttributesW
OutputDebugStringW
TerminateProcess
OpenProcess
lstrcpynW
InitializeCriticalSection
TryEnterCriticalSection
GetThreadLocale
LockResource
FindResourceExW
GetSystemDefaultLangID
WaitForSingleObject
ReleaseMutex
QueryPerformanceFrequency
QueryPerformanceCounter
FreeResource
CreateMutexW
OpenMutexW
GetModuleHandleExW
GetWindowsDirectoryW
GetLongPathNameW
SetEvent
WritePrivateProfileStringW
CreateEventW
ResetEvent
VirtualProtect
IsBadReadPtr
ReadFile
GetSystemTimeAsFileTime
CreateProcessW
GetStringTypeExW
TerminateThread
GetCurrentThread
VirtualQuery
VirtualAlloc
GetSystemInfo
VirtualFree
ResumeThread
GetThreadContext
SuspendThread
OpenThread
SetThreadPriority
GetThreadPriority
FlushInstructionCache
VirtualProtectEx
GetCurrentProcess
GetProcessId
GetVersionExA
InterlockedCompareExchange
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetLastError
WaitForMultipleObjects
CreateThread
CreateSemaphoreW
ReleaseSemaphore
VirtualLock
WriteFile
SetFilePointer
MoveFileExW
RemoveDirectoryW
FindClose
FindNextFileW
SetFileAttributesW
FindFirstFileW
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
GetCurrentDirectoryW
FormatMessageW
GetACP
ExitProcess
GetFileType
DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
SetFileTime
GetDriveTypeW
DeviceIoControl
GetPrivateProfileIntW
DisableThreadLibraryCalls
LocalAlloc
LoadLibraryA
DisconnectNamedPipe
SetNamedPipeHandleState
GetOverlappedResult
WriteFileEx
ReadFileEx
WaitForMultipleObjectsEx
CreateSemaphoreA
CreateEventA
CreateFileA
GetSystemWow64DirectoryW
SetFilePointerEx
FileTimeToSystemTime
CompareFileTime
SystemTimeToTzSpecificLocalTime
GetFileAttributesExW
ExpandEnvironmentStringsW
ProcessIdToSessionId
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetStringTypeW
EncodePointer
DecodePointer
GetLocaleInfoW
RtlUnwind
GetTimeFormatW
GetDateFormatW
ExitThread
WriteConsoleW
GetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetTimeZoneInformation
GetCPInfo
LCMapStringW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsProcessorFeaturePresent
HeapCreate
GetOEMCP
IsValidCodePage
SetStdHandle
SetHandleCount
GetStartupInfoW
GetConsoleCP
GetConsoleMode
SetEndOfFile
FlushFileBuffers
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
_kso_log_msg

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 694KB - Virtual size: 693KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 531KB - Virtual size: 530KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5909280e03e398540d59a911bc2ad0fe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 694KB - Virtual size: 693KB

.data Size: 277KB - Virtual size: 311KB

.rsrc Size: 3.2MB - Virtual size: 3.2MB

.reloc Size: 531KB - Virtual size: 530KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 694KB - Virtual size: 693KB

.data
Size: 277KB - Virtual size: 311KB

.rsrc
Size: 3.2MB - Virtual size: 3.2MB

.reloc
Size: 531KB - Virtual size: 530KB