ddddd0a17ae4c4ce1e03cd20ebebf2e8a024ee02ba426538e0fd62336c035170

Sharing

Copy URL

Twitter E-mail

General

Target

ddddd0a17ae4c4ce1e03cd20ebebf2e8a024ee02ba426538e0fd62336c035170
Size

136KB
MD5

6e0dfa0cd3aec2e5c5fe3c17a81a1540
SHA1

c0a939751c84ecba1940a3e5b5c7e89bde9d7bfc
SHA256

ddddd0a17ae4c4ce1e03cd20ebebf2e8a024ee02ba426538e0fd62336c035170
SHA512

192c2d7c18ff8b5595db9b5f697d843098b561be99a64236a8a16c71a52f50a2c93c0d51c1c045a2ef8e0de7afbdec92e982eb7836dcd394fe17a5950fdbd06d
SSDEEP

1536:SIXspurwV8UFcr0srdwZZ2Y6CUYjW/KZdnk446ODq7xcVgOmuYORLusMXSyhOZM:hzDvr0sxwn3TZdnkH6OO+JVMCyn

Score

N/A

Malware Config

Signatures

Files

ddddd0a17ae4c4ce1e03cd20ebebf2e8a024ee02ba426538e0fd62336c035170
.dll regsvr32 windows x86

d47772b1e5adb41af24f88c3724d8ff3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisableThreadLibraryCalls
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
NdrStubCall2
NdrStubForwardingFunction
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
NdrDllUnregisterProxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerRelease
NdrDllRegisterProxy
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrOleAllocate
NdrOleFree
IUnknown_QueryInterface_Proxy

oleaut32

LPSAFEARRAY_UserFree
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
VARIANT_UserSize
VARIANT_UserMarshal
VARIANT_UserFree
BSTR_UserSize
BSTR_UserMarshal
BSTR_UserUnmarshal
BSTR_UserFree
VARIANT_UserUnmarshal

ole32

HWND_UserUnmarshal
HWND_UserMarshal
HWND_UserSize
HWND_UserFree

msvcr80

_malloc_crt
_crt_debugger_hook
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_encode_pointer
_encoded_null
_decode_pointer
_initterm
_initterm_e
free
_amsg_exit
_adjust_fdiv

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.orpc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d47772b1e5adb41af24f88c3724d8ff3

Headers

File Characteristics

Imports

kernel32

rpcrt4

oleaut32

ole32

msvcr80

Exports

Exports

Sections

.orpc Size: 8KB - Virtual size: 5KB

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.text Size: 68KB - Virtual size: 68KB

.orpc
Size: 8KB - Virtual size: 5KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 68KB - Virtual size: 68KB