36855ebac0a28110ba4000c7a8b73eab5f9188c45f0097618238c6b38041a416

Sharing

Copy URL Twitter E-mail

General

Target

36855ebac0a28110ba4000c7a8b73eab5f9188c45f0097618238c6b38041a416
Size

422KB
MD5

7a8f16ab8ffe5db5d5f01a3511d27f70
SHA1

bc14b4c49e12270e25d682a0d0163e69ecaa5fb5
SHA256

36855ebac0a28110ba4000c7a8b73eab5f9188c45f0097618238c6b38041a416
SHA512

7b5e319bdf0f0e88f4c2ad49212c47a58252cc54d02ec3dc5967c27131ae8fb2e5f1ec416be731e3bdfc35e97686808ce915bf22703b86bb2b35dcc7b31d0b4d
SSDEEP

6144:SwRDJW/+HEdSCCjxGC8OZdSJnVbG9+U/YaaTaEKsKHgMAOce/:SmAoeqUNOZMRxU/YNe/sKHBj

Score

N/A

Malware Config

Signatures

Files

36855ebac0a28110ba4000c7a8b73eab5f9188c45f0097618238c6b38041a416
.dll regsvr32 windows x86

77380fecbf975aa6d33415613a4daac0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscat_s
swscanf
printf
_ftol2_sse
_ftol2
sprintf
fopen_s
fread
wcscpy_s
_XcptFilter
_initterm
_amsg_exit
memmove
memset
??_U@YAPAXI@Z
??2@YAPAXI@Z
_purecall
??_V@YAXPAX@Z
wcsncpy_s
memcpy_s
free
malloc
_adjust_fdiv
_except_handler4_common
realloc
_errno
_unlock
__dllonexit
_lock
_onexit
??3@YAXPAX@Z
memcpy
_vsnwprintf
fclose

kernel32

SetEvent
OutputDebugStringA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
OutputDebugStringW
InterlockedExchange
CloseHandle
TerminateThread
WaitForSingleObject
Sleep
CreateThread
WriteFile
ReadFile
SetNamedPipeHandleState
CreateFileW
GetSystemDirectoryW
SetThreadLocale
GetThreadLocale
GetVersionExA

ole32

StringFromGUID2
PropVariantClear
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysFreeString
SysStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW

user32

UnregisterClassA
CharNextW
wsprintfW

winmm

timeGetTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_CONST
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

77380fecbf975aa6d33415613a4daac0

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

ole32

oleaut32

advapi32

user32

winmm

Exports

Exports

Sections

.text Size: 226KB - Virtual size: 226KB

RT_CODE Size: 1KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 7KB

RT_CONST Size: 1024B - Virtual size: 608B

RT_DATA Size: 2KB - Virtual size: 2KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 7KB - Virtual size: 7KB

.text Size: 162KB - Virtual size: 164KB

.text
Size: 226KB - Virtual size: 226KB

RT_CODE
Size: 1KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 7KB

RT_CONST
Size: 1024B - Virtual size: 608B

RT_DATA
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 162KB - Virtual size: 164KB