0359964ebc5eb9ce23211edfe0212eaa17f3de1a9c9291a2503707b6f78d5719

Sharing

Copy URL Twitter E-mail

General

Target

0359964ebc5eb9ce23211edfe0212eaa17f3de1a9c9291a2503707b6f78d5719
Size

112KB
MD5

a27e58d4109341298d39c8c9bc5a3b70
SHA1

d91a39538c0476dd4c87d3da19075ac39221ff46
SHA256

0359964ebc5eb9ce23211edfe0212eaa17f3de1a9c9291a2503707b6f78d5719
SHA512

16640d52fcf8e0d439283556b49009a65df31d421001c77ee2746a889928ce6e44c954d9feb4a5c4ef1b8ebd503088b31a8c74d09ca3b2888cc161c2b3c89e96
SSDEEP

3072:MtLprK+A+eREaJPb4ePJJc5h0gb35QTO/PL6l4ZRr6dmA8pNp:YpK+A+eREaJPb4exJc5ugD/Wl4qdmpX

Score

N/A

Malware Config

Signatures

Files

0359964ebc5eb9ce23211edfe0212eaa17f3de1a9c9291a2503707b6f78d5719
.exe regsvr32 windows x64

6b175742b7e0b8c611c063b8e3f637b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

StrRChrA
StrStrIA

advapi32

CryptHashData
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptCreateHash
CryptAcquireContextA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyA
SetServiceStatus
GetUserNameA

user32

CharLowerA
CharNextA
LoadStringA
wvsprintfA

kernel32

GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
CloseHandle
lstrlenA
GetModuleHandleA
GetStringTypeExA
GetThreadLocale
lstrcmpA
ReadFile
GetFileSize
CreateFileA
VirtualQuery
Sleep
SystemTimeToFileTime
GetCurrentProcessId
UnmapViewOfFile
ReleaseMutex
WaitForSingleObject
DuplicateHandle
GetCurrentProcess
OpenProcess
MapViewOfFileEx
VirtualFree
IsBadReadPtr
GetLastError
GetFileTime
GetVolumeInformationA
OpenFileMappingW
lstrlenW
GetComputerNameA
GetProcAddress
LoadLibraryA
FreeLibrary
GetSystemTime
GetModuleFileNameA
lstrcpynA
MoveFileExA
FileTimeToSystemTime
GetTickCount
GetVersionExA
FreeLibraryAndExitThread
CreateThread
CreateEventA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetEnvironmentStringsW
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapFree
HeapSetInformation
HeapCreate
HeapAlloc
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
RaiseException
RtlPcToFileHeader
HeapSize
WriteFile
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoA

ole32

OleUninitialize
CoCreateInstance
OleInitialize
StringFromGUID2

wininet

HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
InternetConnectA
InternetGetConnectedState
InternetCheckConnectionA
InternetReadFile
InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetCloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b175742b7e0b8c611c063b8e3f637b5

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

advapi32

user32

kernel32

ole32

wininet

Exports

Exports

Sections

.text Size: 97KB - Virtual size: 97KB

.data Size: 4KB - Virtual size: 9KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 97KB

.data
Size: 4KB - Virtual size: 9KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB