1449f5cf844d676ff0295899887c0b2225b9967a1cd95cb5bb5b156a46bec5ba

Sharing

Copy URL Twitter E-mail

General

Target

1449f5cf844d676ff0295899887c0b2225b9967a1cd95cb5bb5b156a46bec5ba
Size

159KB
MD5

285902da6448fd28e3831801f42655a2
SHA1

2785b1f9a8933c1e1f363e5d47783e579d9ed83c
SHA256

1449f5cf844d676ff0295899887c0b2225b9967a1cd95cb5bb5b156a46bec5ba
SHA512

fd896237a82e1e3dd4b2f4ba7c2eefca41663f4392474e6a290195f20e253dcc6a768cdc1a27047ba0dd38bbf4af158b1f457a690be9a7ffcda7a8bad37bdf8e
SSDEEP

3072:w5bOn7zJoNasNaW9NzARwTP2KJ1LjmaxT/VHhVgI:0bk/wwW9NzCwTP2K3xTt

Score

N/A

Malware Config

Signatures

Files

1449f5cf844d676ff0295899887c0b2225b9967a1cd95cb5bb5b156a46bec5ba
.dll regsvr32 windows x64

0340a340a34831a533902bbe8af42cfc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcmpiA
DisableThreadLibraryCalls
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
GetVersion
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
FindClose
FindNextFileA
FindFirstFileA
GetEnvironmentVariableA
GlobalUnlock
GlobalLock
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
lstrlenA
lstrcpynW
GlobalAlloc
GetFileAttributesA
SetEnvironmentVariableA
CloseHandle
CreateProcessA
CreateFileW
WriteConsoleW
GetTimeZoneInformation
GetProcessHeap
SetEndOfFile
GetDriveTypeW
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetProcAddress
GetModuleHandleA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
lstrcpynA
MultiByteToWideChar
GetConsoleCP
SetStdHandle
LoadLibraryW
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
SetHandleCount
GetCurrentDirectoryW
CreateFileA
GetFileType
HeapAlloc
HeapFree
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
VirtualProtect
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
DecodePointer
EncodePointer
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
GetCurrentThreadId
FlsSetValue
GetCommandLineA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlsGetValue
FlsFree
SetLastError
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
TerminateProcess
GetCurrentProcess
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapSetInformation
HeapCreate
HeapDestroy
HeapReAlloc
HeapSize
Sleep
LCMapStringW
ReadFile
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
CompareStringW

user32

InsertMenuItemA
EnableMenuItem
SetMenuItemBitmaps
InsertMenuA
CharNextW
CharNextA
LoadBitmapA
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
CreatePopupMenu

gdi32

DeleteObject

advapi32

RegEnumKeyExA
RegQueryInfoKeyW
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryInfoKeyA

shell32

DragQueryFileA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
ReleaseStgMedium

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0340a340a34831a533902bbe8af42cfc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 7KB - Virtual size: 16KB

.pdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 7KB - Virtual size: 16KB

.pdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 2KB - Virtual size: 1KB