9f35beaa47bb167105d704e5f785e6f9ccb73dfa554ec90f299f33596360c4d1

Sharing

Copy URL Twitter E-mail

General

Target

9f35beaa47bb167105d704e5f785e6f9ccb73dfa554ec90f299f33596360c4d1
Size

104KB
MD5

71d759fa710dd01163f88b2ae8f3ce70
SHA1

81bd21c5f8e0518b1d627a03568a1bf86f84e186
SHA256

9f35beaa47bb167105d704e5f785e6f9ccb73dfa554ec90f299f33596360c4d1
SHA512

365ae5bdb20dcbcb8e7bdfbac7dee83252c605a9d0f8a111054822566db84f0f7eecef30b3992768909bf9492b9db4ea7199df951524c0cab472efea2988abcf
SSDEEP

3072:l/ktfXqP/4O2pESqk8T9g4HQmgKSXrqfbaLEd4ZRrkHip:l/kt/qP/4O2pESqk49FHBgibR40o

Score

N/A

Malware Config

Signatures

Files

9f35beaa47bb167105d704e5f785e6f9ccb73dfa554ec90f299f33596360c4d1
.exe regsvr32 windows x64

fcb200da8f786fe03d24c855f55d5ae1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

StrRChrA
StrStrIA

advapi32

CryptHashData
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptCreateHash
CryptAcquireContextA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyA
SetServiceStatus
GetUserNameA

user32

CharLowerA
CharNextA
LoadStringA
wvsprintfA

kernel32

GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
CloseHandle
lstrlenA
GetModuleHandleA
GetStringTypeExA
GetThreadLocale
lstrcmpA
ReadFile
GetFileSize
CreateFileA
VirtualQuery
Sleep
SystemTimeToFileTime
GetCurrentProcessId
UnmapViewOfFile
ReleaseMutex
WaitForSingleObject
DuplicateHandle
GetCurrentProcess
OpenProcess
MapViewOfFileEx
VirtualFree
IsBadReadPtr
GetLastError
GetFileTime
GetVolumeInformationA
OpenFileMappingW
lstrlenW
GetComputerNameA
GetProcAddress
LoadLibraryA
FreeLibrary
GetSystemTime
GetModuleFileNameA
lstrcpynA
MoveFileExA
GetTickCount
GetVersionExA
FreeLibraryAndExitThread
CreateThread
CreateEventA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetEnvironmentStringsW
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapFree
HeapSetInformation
HeapCreate
HeapAlloc
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
RaiseException
RtlPcToFileHeader
HeapSize
WriteFile
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoA

ole32

OleUninitialize
CoCreateInstance
OleInitialize
StringFromGUID2

wininet

HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
InternetConnectA
InternetGetConnectedState
InternetCheckConnectionA
InternetReadFile
InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetCloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcb200da8f786fe03d24c855f55d5ae1

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

advapi32

user32

kernel32

ole32

wininet

Exports

Exports

Sections

.text Size: 91KB - Virtual size: 90KB

.data Size: 4KB - Virtual size: 9KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 91KB - Virtual size: 90KB

.data
Size: 4KB - Virtual size: 9KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 3KB