0b63063d88e9c611adc2866a3842c4630d684b7559d8539384eb62afd2775c62

Sharing

Copy URL Twitter E-mail

General

Target

0b63063d88e9c611adc2866a3842c4630d684b7559d8539384eb62afd2775c62
Size

1.1MB
MD5

0a3fc86502d04b4ca6671c70ec9ee1d0
SHA1

159e10df6099532f032ae1b8f10b5cdf686c6dd7
SHA256

0b63063d88e9c611adc2866a3842c4630d684b7559d8539384eb62afd2775c62
SHA512

c321f5ff9e8dcf3588cfab858eff4b27bbccbc0c910e884d1885be2c8440b5f9d6dfc97cf110bf01a58a35a73f274c20a06f6f4b0ba27be366ca83dc3272f952
SSDEEP

24576:guLNllj1Hb4Ffk/06XDbPmeSm+q1hBi3Zmk:hpVqMs4PSmlq

Score

N/A

Malware Config

Signatures

Files

0b63063d88e9c611adc2866a3842c4630d684b7559d8539384eb62afd2775c62
.dll regsvr32 windows x86

01b7461473b5d8f020439aa551adf1d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memmove
_adjust_fdiv
_amsg_exit
_initterm
free
_iob
_XcptFilter
_CIcos
_CIsin
_CIsqrt
realloc
_purecall
_vsnwprintf
memcpy
malloc
memset
_controlfp
_clearfp
_CIpow
fflush
rand
floor
ceil
sscanf
swscanf

mfplat

MFHeapFree
MFHeapAlloc

kernel32

GetTickCount
DelayLoadFailureHook
InitializeCriticalSection
DeleteCriticalSection
GetVersionExW
GetSystemInfo
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetVersion
RtlUnwind
Sleep
InterlockedExchange
GetModuleFileNameA
InterlockedIncrement
InterlockedCompareExchange
FreeLibrary
GetEnvironmentVariableW
LoadLibraryA
GetProcAddress
QueryPerformanceCounter
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection

ole32

CoTaskMemFree
StgCreateStorageEx
StgCreateDocfile
CoTaskMemAlloc

oleaut32

VariantInit
SysFreeString
SafeArrayGetDim
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetUBound
SysAllocString

advapi32

RegCreateKeyExW
RegCreateKeyW
UnregisterTraceGuids
RegOpenKeyW
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableFlags
GetTraceEnableLevel
TraceEvent
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueA
RegSetValueExA
RegCloseKey

msdmo

MoFreeMediaType
DMOUnregister
MoCopyMediaType
DMORegister
MoInitMediaType

Exports

Exports

CreateInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 966KB - Virtual size: 965KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_DATA
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

01b7461473b5d8f020439aa551adf1d6

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

mfplat

kernel32

ole32

oleaut32

advapi32

msdmo

Exports

Exports

Sections

.text Size: 966KB - Virtual size: 965KB

RT_CODE Size: 97KB - Virtual size: 96KB

.data Size: 7KB - Virtual size: 50KB

RT_DATA Size: 1024B - Virtual size: 800B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 18KB - Virtual size: 17KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 966KB - Virtual size: 965KB

RT_CODE
Size: 97KB - Virtual size: 96KB

.data
Size: 7KB - Virtual size: 50KB

RT_DATA
Size: 1024B - Virtual size: 800B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 18KB - Virtual size: 17KB

.rmnet
Size: 56KB - Virtual size: 60KB