792f847622ea6961414382d9a153d187795b66e8ae298338db12b92fed73faf8

Sharing

Copy URL Twitter E-mail

General

Target

792f847622ea6961414382d9a153d187795b66e8ae298338db12b92fed73faf8
Size

308KB
MD5

10bae9b75e5566e00a154b9f68b80110
SHA1

7cd7249a9988afa98e14518057e88da3b62e49b4
SHA256

792f847622ea6961414382d9a153d187795b66e8ae298338db12b92fed73faf8
SHA512

b511287a9e8572757a664422ce093fbd29d53d1da3821424ac33d7658df540b4ba1d1fcfccfa890da0be9b4e8ae16765c35c4fd42e6956395e37d235cb41643f
SSDEEP

6144:l5/LAkm+At6zgxq2YffHZHnKx/ptjIZWoaXY00:l5jAiNfPZHnKxxtjeyY/

Score

N/A

Malware Config

Signatures

Files

792f847622ea6961414382d9a153d187795b66e8ae298338db12b92fed73faf8
.dll regsvr32 windows x86

148c9f6f0003e72de650e867c6cf258e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord219

mf

MFGetService

mfplat

MFCreateMemoryBuffer
MFCreateMediaEvent
MFTUnregister
MFCreateSample
MFCreateEventQueue
MFCreateMediaType
MFCreateAttributes
MFTRegister

d3d9

Direct3DCreate9

d3d11

D3D11CreateDevice

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
WriteConsoleW
SetStdHandle
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceFrequency
FreeLibrary
GetProcAddress
LoadLibraryW
CloseHandle
WaitForSingleObject
SetEvent
ExpandEnvironmentStringsW
DisableThreadLibraryCalls
GetModuleFileNameW
GetVersionExW
WriteFile
WideCharToMultiByte
OutputDebugStringW
GetLocalTime
CreateFileW
QueryPerformanceCounter
Sleep
SetWaitableTimer
WaitForMultipleObjects
SetThreadPriority
GetCurrentThread
CreateThread
CreateWaitableTimerW
CreateEventW
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
FlushFileBuffers
HeapReAlloc
SetFilePointer
GetLastError
LCMapStringW
GetTickCount
MultiByteToWideChar
GetConsoleMode
DecodePointer
EncodePointer
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetStdHandle
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
ExitProcess
IsProcessorFeaturePresent
HeapSize
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP

user32

GetDesktopWindow

advapi32

EventWriteString
RegDeleteTreeW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

ole32

StringFromGUID2
CoTaskMemAlloc
CoCreateInstance

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

148c9f6f0003e72de650e867c6cf258e

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

mf

mfplat

d3d9

d3d11

kernel32

user32

advapi32

ole32

Exports

Exports

Sections

.text Size: 171KB - Virtual size: 170KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 14KB - Virtual size: 13KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 171KB - Virtual size: 170KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 14KB - Virtual size: 13KB

.rmnet
Size: 56KB - Virtual size: 60KB