4a17c96b1f0928b49e3cf972b7d21f061d99519b

Sharing

Copy URL

Twitter E-mail

General

Target

4a17c96b1f0928b49e3cf972b7d21f061d99519b
Size

786KB
MD5

167a003873dcc6ef4e44941a86bf3353
SHA1

4a17c96b1f0928b49e3cf972b7d21f061d99519b
SHA256

402dec0383d1a678aab2e99b346fed596ec971fd75d33ab2312b34abf59e8eb9
SHA512

fcfe37e272c67e9b94456c108aecf36af4400a8c3d1dcc3b558511082043ce88c2694d38f1649990767dc0b52352e5acb8bd28348c3366b5cc13c56736a9488d
SSDEEP

12288:bALDBmhagVyZtnJ4D4bzv4MN54IG4w4BGFh+y+gVxD1ZTIAJ60YcYCYVEt+e0mE7:kLDMhagstUZnJTVMREVIAzgG69

Score

N/A

Malware Config

Signatures

Files

4a17c96b1f0928b49e3cf972b7d21f061d99519b
.dll regsvr32 windows x64

670c629874066cc7173cf833f064f3d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetTimeZoneInformation
ReadConsoleW
FormatMessageA
LocalFree
GetVersionExA
GetCurrentProcess
CloseHandle
VirtualAlloc
GetLastError
ReadFile
SetStdHandle
HeapFree
HeapAlloc
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
GetCommandLineA
GetCurrentThreadId
GetProcessHeap
GetStdHandle
WriteFile
GetModuleFileNameW
IsDebuggerPresent
IsProcessorFeaturePresent
HeapSize
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FatalAppExitA
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
CreateSemaphoreW
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
CreateFileW
GetCurrentThread
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
GetStringTypeW
GetConsoleCP
SetFilePointerEx
WriteConsoleW
FlushFileBuffers
SetEnvironmentVariableA

user32

MessageBoxA

advapi32

FreeSid
LookupAccountNameA
IsValidSid
GetTokenInformation
CopySid
OpenProcessToken
LsaNtStatusToWinError
LsaRetrievePrivateData
LsaStorePrivateData
LsaAddAccountRights
AddAccessAllowedAce
AddAccessDeniedAce
AddAce
DeleteAce
EqualSid
GetAce
GetAclInformation
GetLengthSid
InitializeAcl
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
LookupAccountSidA
RegQueryValueExA
AllocateAndInitializeSid
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
InitializeSecurityDescriptor
MakeAbsoluteSD
MakeSelfRelativeSD
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
RegCreateKeyExA
LsaFreeMemory
LsaClose
LsaOpenPolicy

ole32

CoInitialize

Exports

Exports

DllRegisterServer

Sections

.text
Size: 443KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

670c629874066cc7173cf833f064f3d2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Exports

Exports

Sections

.text Size: 443KB - Virtual size: 443KB

.rdata Size: 121KB - Virtual size: 121KB

.data Size: 12KB - Virtual size: 22KB

.pdata Size: 21KB - Virtual size: 21KB

.rsrc Size: 182KB - Virtual size: 182KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 443KB - Virtual size: 443KB

.rdata
Size: 121KB - Virtual size: 121KB

.data
Size: 12KB - Virtual size: 22KB

.pdata
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 182KB - Virtual size: 182KB

.reloc
Size: 4KB - Virtual size: 3KB