6926a6b6dbf5c01a4504345c2d921b85d7d9e358338cda736d9425b13eec8f65

Sharing

Copy URL Twitter E-mail

General

Target

6926a6b6dbf5c01a4504345c2d921b85d7d9e358338cda736d9425b13eec8f65
Size

167KB
MD5

5a8b5f1f2b44e606cf7e133d9cc3a34c
SHA1

b58f986e2a7994b945769062b763c8eb92991fc2
SHA256

6926a6b6dbf5c01a4504345c2d921b85d7d9e358338cda736d9425b13eec8f65
SHA512

092cebe19a5107b2ffc5b22595c744b8ea0228972f5786ba1056a312447d29957c2ee4fe779c0f92e296ffca9439db8880c27f7f352907c0b07f586e50545a6d
SSDEEP

3072:pnfAD6vrCopDuO6gcvPo1ZnH2X3fQBIQOQLVb4:dAD6vOopD7SoHH2X3fQBD52

Score

N/A

Malware Config

Signatures

Files

6926a6b6dbf5c01a4504345c2d921b85d7d9e358338cda736d9425b13eec8f65
.dll regsvr32 windows x86

fb2a23ac370a3bf64421d7679d038684

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

xpcom

NS_StringGetMutableData
NS_GetComponentManager
NS_GetServiceManager
NS_CStringContainerFinish
NS_CStringContainerInit
NS_StringContainerFinish
NS_StringContainerInit2
NS_StringContainerInit
NS_CStringSetDataRange
NS_CStringSetData
NS_CStringGetData
NS_StringSetDataRange
NS_StringSetData
NS_StringGetData

kernel32

RtlUnwind
WriteConsoleW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
MultiByteToWideChar
GlobalAlloc
GlobalFree
GetProcAddress
LoadLibraryW
WideCharToMultiByte
lstrcmpiA
VirtualQuery
lstrlenA
lstrlenW
lstrcmpW
lstrcmpA
InterlockedExchangeAdd
GetLastError
lstrcatW
lstrcpyW
GetModuleFileNameW
lstrcmpiW
CloseHandle
lstrcpyA
FindNextFileW
WriteFile
CreateFileW
GetFileAttributesW
GetCurrentProcessId
GetCurrentThreadId
GetStringTypeW
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
DecodePointer
EncodePointer
RaiseException
GetCommandLineA
GetCurrentProcess
GetStdHandle
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
HeapCreate
Sleep
ExitProcess
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW

Exports

Exports

DllRegisterServer
DllUnregisterServer
NSModule

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb2a23ac370a3bf64421d7679d038684

Headers

DLL Characteristics

File Characteristics

Imports

xpcom

kernel32

Exports

Exports

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 49KB - Virtual size: 49KB

.data Size: 5KB - Virtual size: 21KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 5KB - Virtual size: 21KB

.reloc
Size: 10KB - Virtual size: 9KB