181615c74a70c737ab15a8f6bad1283d4344a96fd03f609025514c6cc3c5915a

Sharing

Copy URL Twitter E-mail

General

Target

181615c74a70c737ab15a8f6bad1283d4344a96fd03f609025514c6cc3c5915a
Size

149KB
MD5

4318b6b0527371ecd835e4ecac7c7de0
SHA1

937129b91dca6da00501fb433efefcf9274d3c13
SHA256

181615c74a70c737ab15a8f6bad1283d4344a96fd03f609025514c6cc3c5915a
SHA512

2ff42c30510ae94e4134c9395506581982586f086daf90adb2c530fbe0ddd9b3871868c81b4247fced61a3dd649bd4a65bb0e16ea1420ec6dd3f473e8b640240
SSDEEP

3072:ZB24HJUm6viChRhtnl+h9HlrpAk/L1toBnhqZ:ZEcUmeDfnl+wkT1toBg

Score

N/A

Malware Config

Signatures

Files

181615c74a70c737ab15a8f6bad1283d4344a96fd03f609025514c6cc3c5915a
.dll regsvr32 windows x86

e151d6659bd4e0008e1f54fe22375603

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisableThreadLibraryCalls
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

msvcr80

_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encode_pointer
_malloc_crt
_encoded_null
free
_decode_pointer
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
_initterm
__dllonexit

ole32

HWND_UserFree
HWND_UserMarshal
HWND_UserUnmarshal
HWND_UserSize

oleaut32

BSTR_UserMarshal
LPSAFEARRAY_UserSize
BSTR_UserUnmarshal
BSTR_UserFree
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserUnmarshal
BSTR_UserSize

rpcrt4

NdrOleFree
NdrOleAllocate
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_QueryInterface
IUnknown_QueryInterface_Proxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Connect
NdrStubForwardingFunction
NdrStubCall2
CStdStubBuffer_AddRef
NdrDllGetClassObject
NdrCStdStubBuffer2_Release
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
IUnknown_AddRef_Proxy
NdrDllUnregisterProxy
NdrDllRegisterProxy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e151d6659bd4e0008e1f54fe22375603

Headers

File Characteristics

Imports

kernel32

msvcr80

ole32

oleaut32

rpcrt4

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.orpc Size: 2KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 26KB - Virtual size: 25KB

.orpc
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 108KB - Virtual size: 112KB