f974dbe0eeddd300d7b285a3d8a25c828ef58c93f47cd44a55735938ee14e189

Sharing

Copy URL

Twitter E-mail

General

Target

f974dbe0eeddd300d7b285a3d8a25c828ef58c93f47cd44a55735938ee14e189
Size

465KB
MD5

8185262e3855d0c86c69c7fcc906b7c0
SHA1

cb5042dc99dbd0ddc27685184471b6ade63fb4c1
SHA256

f974dbe0eeddd300d7b285a3d8a25c828ef58c93f47cd44a55735938ee14e189
SHA512

0268e3590ca6ec9f147a36b736c4c9ea4122e83cbe4163fe5479d2111a17a7e1f010fa98b56fef5ac5890d38e3ac4d873bfdc7aa55a2f465fbfd78ce13604591
SSDEEP

12288:qslcS+k8Meq/nxykRVbyLIxoNb0it2zsWySf0KY5nyWySf0KY5nT6Y2HhX+:fKSBeq/xykRhEHz2wq8znyq8znh2Hhu

Score

N/A

Malware Config

Signatures

Files

f974dbe0eeddd300d7b285a3d8a25c828ef58c93f47cd44a55735938ee14e189
.dll regsvr32 windows x86

68ef34fb5f6e5b6dfa7ea564c50ac4fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_unlock
wcsstr
_wtol
wcsrchr
??_V@YAXPAX@Z
_purecall
??2@YAPAXI@Z
malloc
free
_CxxThrowException
??_U@YAPAXI@Z
memset
memcpy
_onexit
_lock
__dllonexit
??3@YAXPAX@Z
realloc
??1type_info@@UAE@XZ
_amsg_exit
_initterm
_XcptFilter
_vsnwprintf
_errno
__CxxFrameHandler
_wtoi
memmove

advapi32

FreeSid
DuplicateTokenEx
CheckTokenMembership
IsValidSid
CopySid
ConvertStringSidToSidW
AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RevertToSelf
RegEnumKeyExW
RegQueryInfoKeyW
InitiateSystemShutdownExW
OpenThreadToken
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetTokenInformation
RegOpenCurrentUser
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
AddAccessAllowedAce
RegDeleteValueW
RegQueryValueExW
GetUserNameW
GetLengthSid
InitializeAcl
ImpersonateSelf

comctl32

InitCommonControlsEx

kernel32

InterlockedExchange
lstrlenW
RaiseException
InitializeCriticalSection
GetLastError
InterlockedIncrement
InterlockedDecrement
LoadLibraryW
VirtualAlloc
GetModuleHandleW
lstrcmpiW
FreeLibrary
SetLastError
GetModuleFileNameW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetTickCount
CreateProcessW
LocalFree
VirtualProtect
GetTimeFormatW
SystemTimeToTzSpecificLocalTime
HeapAlloc
HeapFree
GetProcessHeap
CompareStringW
GetSystemInfo
GetVersionExA
WideCharToMultiByte
CompareStringA
InterlockedCompareExchange
Sleep
OutputDebugStringA
RtlUnwind
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetEvent
CompareFileTime
GetFileType
GetVolumePathNameW
GetDriveTypeW
ReadFile
CreateThread
DuplicateHandle
ExitProcess
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls
GetCommandLineW
InitializeCriticalSectionAndSpinCount
CreateFileW
CreateDirectoryW
CloseHandle
GetFileSizeEx
GetFileAttributesW
ExpandEnvironmentStringsW
GetCurrentThread
GetNumberFormatW
ConvertDefaultLocale
GetLocaleInfoW
GetDateFormatW
IsValidLocale
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetSystemDirectoryW
GetSystemWindowsDirectoryW
FindResourceExW
LockResource
HeapReAlloc
GetTimeZoneInformation
FileTimeToSystemTime
SystemTimeToFileTime
CreateEventW
GetVersionExW
VerSetConditionMask
VerifyVersionInfoW
OutputDebugStringW
WriteFile
FlushFileBuffers
GetSystemTime
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
ReleaseMutex
WaitForSingleObject
CreateMutexW

ole32

CoCreateGuid
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoInitializeEx
CoUninitialize
StringFromCLSID

oleaut32

VariantTimeToSystemTime
VarUI4FromStr
RegisterTypeLi
SysFreeString
LoadTypeLi
SystemTimeToVariantTime
SysAllocString
SysStringLen
UnRegisterTypeLi

shell32

ShellExecuteW
Shell_NotifyIconW

user32

MapWindowPoints
GetWindowRect
GetWindowTextW
GetWindow
SystemParametersInfoW
UnregisterClassA
SetCapture
ReleaseCapture
GetFocus
CopyRect
InvalidateRect
GetDlgCtrlID
PtInRect
GetClientRect
TrackMouseEvent
GetSysColor
DrawFrameControl
LoadBitmapW
ShowScrollBar
EnableWindow
PostMessageW
IsIconic
GetWindowTextLengthW
RedrawWindow
UpdateWindow
SetFocus
GetDC
SetRect
DrawTextW
CreateWindowExW
ReleaseDC
IsDlgButtonChecked
CheckDlgButton
SetDlgItemTextW
SendDlgItemMessageW
GetParent
GetWindowLongW
SetWindowLongW
DestroyIcon
GetDlgItem
GetSystemMetrics
LoadImageW
SendMessageW
SetWindowPos
LoadStringW
CharNextW
ShowWindow
SetTimer
SetForegroundWindow
KillTimer
IsWindowVisible
DestroyWindow
DrawAnimatedRects
FindWindowExW
FindWindowW
DefWindowProcW
RegisterClassExW
GetClassInfoExW
EndDialog
BeginPaint
EndPaint
ScreenToClient
SetCursor
LoadCursorW
FillRect
CreateDialogParamW
DrawFocusRect
IsDialogMessageW
PostQuitMessage
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
TranslateMessage
EnableMenuItem
GetSystemMenu
GetDlgItemTextW
DrawEdge
DrawIconEx
ExitWindowsEx
SetWindowTextW
DialogBoxParamW

gdi32

GetStockObject
DeleteDC
CreateCompatibleDC
GetTextExtentPoint32W
CreateRectRgnIndirect
SelectClipRgn
CreateRectRgn
SetTextColor
SetBkMode
GetTextMetricsW
SetBkColor
ExtTextOutW
SelectObject
DeleteObject
CreateFontIndirectW
GetObjectW

rpcrt4

RpcStringFreeA
UuidToStringA

msimg32

GradientFill

shlwapi

StrRChrW
StrChrW
PathStripPathW
PathStripToRootW
PathIsRelativeW
PathIsRootW
PathIsUNCW

cabinet

ord22
ord20
ord23
ord21

crypt32

CertFindCertificateInStore
CertVerifyCertificateChainPolicy
CertOpenStore
CertControlStore
CryptHashPublicKeyInfo
CertFreeCertificateContext
CertCloseStore
CertGetCertificateContextProperty

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust

Exports

Exports

ServiceMain
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68ef34fb5f6e5b6dfa7ea564c50ac4fe

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

comctl32

kernel32

ole32

oleaut32

shell32

user32

gdi32

rpcrt4

msimg32

shlwapi

cabinet

crypt32

wintrust

Exports

Exports

Sections

.text Size: 159KB - Virtual size: 159KB

.data Size: 1024B - Virtual size: 4KB

.rsrc Size: 293KB - Virtual size: 293KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 159KB - Virtual size: 159KB

.data
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 293KB - Virtual size: 293KB

.reloc
Size: 10KB - Virtual size: 9KB