39a0dc878ca133e945779e8727f0a76df7f4e83882e125a072d57ba6311e694e

Sharing

Copy URL Twitter E-mail

General

Target

39a0dc878ca133e945779e8727f0a76df7f4e83882e125a072d57ba6311e694e
Size

293KB
MD5

2f44c2dd9157e41d033019b7b79c3866
SHA1

a6f3bf35674beff42d5ba7fc05680913e4983d41
SHA256

39a0dc878ca133e945779e8727f0a76df7f4e83882e125a072d57ba6311e694e
SHA512

dfbbcbea2a90f10126a4edf6de7c1f8ffa03e5deb793cc1b12d837d42131e2575f1244090d1a3b8f1250f91a1cec3fb21950f982e8dd709307b49755779b92f7
SSDEEP

6144:N7G4n0FyduYoAAiUI335vYC5EihKwcFzgdbVY6:RG4QyUY/35QC5E9L9abK6

Score

N/A

Malware Config

Signatures

Files

39a0dc878ca133e945779e8727f0a76df7f4e83882e125a072d57ba6311e694e
.dll regsvr32 windows x86

df8bbbb0550e1c1d3ff6431b4d57e130

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualProtect
GetProcAddress
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
RaiseException
GetLastError
DecodePointer
DeleteCriticalSection
FreeLibrary
GetModuleHandleW
GetModuleHandleA
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetThreadLocale
SetThreadLocale
EncodePointer
EnterCriticalSection
LeaveCriticalSection
SetFilePointerEx
SetStdHandle
GetConsoleMode
VirtualAlloc
CloseHandle
CreateFileW
lstrcmpiW
VirtualFree
GetConsoleCP
FlushFileBuffers
LCMapStringW
GetStringTypeW
FreeEnvironmentStringsW
WriteConsoleW
IsDebuggerPresent
OutputDebugStringW
HeapFree
HeapAlloc
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
GetProcessHeap
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
GetStdHandle
WriteFile
HeapSize
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW

user32

CharNextW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

LoadRegTypeLi
LoadTypeLi
SysAllocString
SysStringLen
RegisterTypeLi
VarUI4FromStr
SysFreeString

Exports

Exports

AutoUpdateW
DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df8bbbb0550e1c1d3ff6431b4d57e130

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 189KB - Virtual size: 197KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 189KB - Virtual size: 197KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 5KB - Virtual size: 5KB