1b68b5a08a90cafbfc5495ddc55017545dd76011c70791d2c836f04b83dfcfd0

Sharing

Copy URL Twitter E-mail

General

Target

1b68b5a08a90cafbfc5495ddc55017545dd76011c70791d2c836f04b83dfcfd0
Size

1.4MB
MD5

45d4c1fd5a0b9eae679c5edfd66505c0
SHA1

a6db3e90f6da306ec961ea15329c68dc3f5d663c
SHA256

1b68b5a08a90cafbfc5495ddc55017545dd76011c70791d2c836f04b83dfcfd0
SHA512

2b0a10a50b1f795ef7ff4473a6a308f12015d203b4d034b7910cd82af716a6b2f19d765baa5163fdf397558fc8ef985f0afc71335578f15a413ea8e1e83d078d
SSDEEP

24576:2y4KEYSSEJoZcpdZjb72f8VDviIZ33bI/bnvzmL/CI:8KEYk7iM3oDzm7C

Score

N/A

Malware Config

Signatures

Files

1b68b5a08a90cafbfc5495ddc55017545dd76011c70791d2c836f04b83dfcfd0
.dll regsvr32 windows x86

7f9d296247639ae21c9d5eb556ee8f13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wctomb
_itoa
_snprintf
_iob
isleadbyte
_onexit
_lock
__dllonexit
_unlock
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
??3@YAXPAX@Z
_vsnwprintf
fopen
fflush
fprintf
abort
fclose
printf
??2@YAPAXI@Z
fwprintf
asctime
localtime
_CIsqrt
_wfopen
time
_beginthreadex
floor
_ftol
_errno
_purecall
memcpy
memset
puts
perror

mfplat

MFHeapAlloc
MFHeapFree

user32

IsRectEmpty

kernel32

VirtualAlloc
VirtualFree
VirtualProtect
DelayLoadFailureHook
SetThreadAffinityMask
GetProcessAffinityMask
GetSystemInfo
LocalAlloc
SetEvent
LoadLibraryW
GetCurrentThread
GetThreadPriority
SetThreadPriority
InterlockedExchangeAdd
SignalObjectAndWait
GetSystemPowerStatus
LocalFree
ResetEvent
CreateEventW
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetProcAddress
LoadLibraryA
DeleteCriticalSection
QueryPerformanceCounter
InitializeCriticalSection
FreeLibrary
InterlockedCompareExchange
InterlockedIncrement
GetModuleFileNameA
InterlockedExchange
Sleep
OutputDebugStringA
RtlUnwind
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
GetModuleHandleW
GetVersionExA
DeviceIoControl
FreeEnvironmentStringsA
FreeEnvironmentStringsW
lstrlenA
lstrlenW
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
GlobalMemoryStatus
GetLocalTime
GetVersion
GetComputerNameA
GetEnvironmentVariableW
QueryPerformanceFrequency
GetVersionExW
WaitForSingleObject
CreateSemaphoreW
ReleaseSemaphore
WaitForMultipleObjects
CreateThread
ExitProcess
InitializeCriticalSectionAndSpinCount
GetLastError
SetLastError

ole32

CoTaskMemAlloc
CoTaskMemFree

advapi32

GetTraceLoggerHandle
RegCreateKeyW
RegSetValueExA
RegSetValueA
RegQueryValueExW
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
RegOpenKeyW
UnregisterTraceGuids
RegCreateKeyExA
RegQueryValueExA
RegCreateKeyExW
TraceEvent
RegCloseKey
RegSetValueExW
RegOpenKeyExW

msdmo

DMOUnregister
DMORegister
MoFreeMediaType
MoCopyMediaType
MoInitMediaType

ws2_32

ntohl
htonl

Exports

Exports

CreateInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.no_bbt
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_DATA
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7f9d296247639ae21c9d5eb556ee8f13

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

mfplat

user32

kernel32

ole32

advapi32

msdmo

ws2_32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.no_bbt Size: 512B - Virtual size: 376B

RT_CODE Size: 4KB - Virtual size: 4KB

.data Size: 139KB - Virtual size: 138KB

RT_DATA Size: 512B - Virtual size: 296B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 15KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.no_bbt
Size: 512B - Virtual size: 376B

RT_CODE
Size: 4KB - Virtual size: 4KB

.data
Size: 139KB - Virtual size: 138KB

RT_DATA
Size: 512B - Virtual size: 296B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 15KB

.rmnet
Size: 56KB - Virtual size: 60KB