ec99b01878bbfc93aa276997f8f9bf487df80506bc5e85411f404fc8c8c90428

Sharing

Copy URL Twitter E-mail

General

Target

ec99b01878bbfc93aa276997f8f9bf487df80506bc5e85411f404fc8c8c90428
Size

174KB
MD5

627e7cd609630509c4bcf26fa404fc20
SHA1

c94340bcb5070b369a5d0ed35b74f0064e65dfdd
SHA256

ec99b01878bbfc93aa276997f8f9bf487df80506bc5e85411f404fc8c8c90428
SHA512

338c524f7107d4020ac9a122f6afd9e971b6f21c0123b9d8ffb864fa8796cd4ade76c2de70de7baeddb40516d2f1f6e307b65e7d952d01493021749c0d2b644d
SSDEEP

3072:hjgHqRWK4uO+Vbe3JBHJWV25vPdBK3sdVsR61TOKnfO6iy:hcHA4LyekGvFBwsdVYwDfOF

Score

N/A

Malware Config

Signatures

Files

ec99b01878bbfc93aa276997f8f9bf487df80506bc5e85411f404fc8c8c90428
.dll regsvr32 windows x86

22c3ed06cd5e9f31fdb0ae3fc3973cf7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler4_common
_amsg_exit
_initterm
_XcptFilter
iswctype
towupper
_wsplitpath_s
_wcsnicmp
_CIsin
_CIcos
_CIsqrt
_CIatan2
_ftol2_sse
_vsnwprintf
memcpy
malloc
free
memset
strchr

kernel32

GetFullPathNameA
GetTickCount
FreeLibrary
InterlockedIncrement
InterlockedDecrement
LocalFree
InterlockedExchange
GetFullPathNameW
GetModuleFileNameW
GetModuleHandleW
GetFileSize
SetFilePointer
ReadFile
CreateFileW
GetSystemTimeAsFileTime
lstrlenW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
SetEvent
DeleteCriticalSection
ResetEvent
WideCharToMultiByte
GetCurrentProcessId
lstrcmpW
CreateFileA
WaitForSingleObject
WaitForMultipleObjects
SetThreadPriority
CreateThread
CreateEventW
LoadLibraryW
lstrcmpiW
ReadFileEx
DuplicateHandle
GetCurrentProcess
ReleaseMutex
MulDiv
GetVersion
LocalAlloc
LocalReAlloc
SleepEx
ResumeThread
GetProcAddress
DisableThreadLibraryCalls
UnmapViewOfFile
MultiByteToWideChar
CompareFileTime
lstrlenA
WriteFileEx
Sleep
GetSystemDirectoryW
GetPrivateProfileStringW
GetWindowsDirectoryW
HeapFree
HeapAlloc
GetProcessHeap
DeviceIoControl
SystemTimeToFileTime
GetLocalTime
MapViewOfFile
CreateFileMappingW
CreateMutexW
LoadResource
FindResourceW
InitializeCriticalSection
GetLastError
CreateProcessW
InterlockedCompareExchange
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CloseHandle
FreeLibraryAndExitThread
GetVersionExW

advapi32

GetSecurityInfo
SetEntriesInAclW
RegDeleteKeyW
GetUserNameW
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorControl
FreeSid
RegEnumKeyExW
RegSetKeySecurity
RegCreateKeyExW
RegCreateKeyW
RegOpenKeyW
RegEnumValueW
RegQueryValueW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegSetValueExW

user32

ClipCursor
ShowCursor
GetMessageTime
SendNotifyMessageW
GetCursorPos
GetSystemMetrics
MapVirtualKeyW
LoadStringW
keybd_event
IsRectEmpty
SubtractRect
RegisterWindowMessageW
SetWindowLongW
GetPropW
SetPropW
RemovePropW
CallWindowProcW
IsWindow
ToUnicodeEx
MapVirtualKeyExW
GetKeyboardLayout
GetActiveWindow
GetKeyNameTextW
GetKeyboardType
GetRawInputDeviceInfoW
GetRawInputDeviceList
PostMessageW
CharUpperW
UnhookWindowsHookEx
GetWindowThreadProcessId
IsIconic
GetForegroundWindow
GetWindowLongW
CallNextHookEx
SetWindowsHookExW
PostThreadMessageW
MsgWaitForMultipleObjects
DefWindowProcW
CreateWindowExW
RegisterClassW
LoadIconW
LoadCursorW
DestroyWindow
DispatchMessageW
TranslateMessage
PeekMessageW
SetTimer
GetInputState
SystemParametersInfoW
IntersectRect
GetWindowRect
GetDesktopWindow
MapWindowPoints
GetClientRect
ReleaseCapture
SetCursorPos
mouse_event
GetAsyncKeyState
SetCapture

Exports

Exports

DirectInput8Create
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22c3ed06cd5e9f31fdb0ae3fc3973cf7

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 124KB

.data Size: 7KB - Virtual size: 44KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 37KB - Virtual size: 37KB

.text
Size: 124KB - Virtual size: 124KB

.data
Size: 7KB - Virtual size: 44KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 37KB - Virtual size: 37KB