c641af7598888754de1fac3d08291819b4e2a2d3870828df99e90cdd943bca23

Sharing

Copy URL

Twitter E-mail

General

Target

c641af7598888754de1fac3d08291819b4e2a2d3870828df99e90cdd943bca23
Size

140KB
MD5

91d6a2eef54e500ff233f5dfd1ae2fb0
SHA1

a1320294e920023ec37675d543718937a73a8b87
SHA256

c641af7598888754de1fac3d08291819b4e2a2d3870828df99e90cdd943bca23
SHA512

d378638c4a518b738b92fe4352b3fcf93181f790c1c732c07b79c71a96875250ea18a2017325bcf5b506a23ee46d1dfc1ddf1d4440e495baa27430133ce6ecf0
SSDEEP

3072:BKpHQW/7QuwWTo7MabbfsVnzAd+Ee+K2NY2j:BawWJwio4UEp8dxTF3

Score

N/A

Malware Config

Signatures

Files

c641af7598888754de1fac3d08291819b4e2a2d3870828df99e90cdd943bca23
.dll regsvr32 windows x86

d190bc126faefb7bfc455ecb5d844565

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsncpy
wcsstr
wcscat_s
wcscpy_s
memset
??3@YAXPAX@Z
malloc
_onexit
_lock
__dllonexit
_unlock
_errno
realloc
_except_handler4_common
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
_CIsqrt
_CIlog10
sprintf_s
_ftol2
??2@YAPAXI@Z
??_U@YAPAXI@Z
strstr
_purecall
??_V@YAXPAX@Z
memcpy
wcsncpy_s
_vsnwprintf
_ftol2_sse
_CIsin
_CIcos
_CIatan2
floor
memcpy_s
free

kernel32

GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateEventA
LocalAlloc
LocalFree
OutputDebugStringA
InterlockedExchange
QueryPerformanceCounter
InterlockedCompareExchange
CloseHandle
WaitForSingleObject
SetEvent
WriteFile
SetFilePointer
GetTimeFormatW
WideCharToMultiByte
GetDateFormatW
GetLocalTime
Sleep
CreateFileW
GetLastError
WaitForMultipleObjects
CreateEventW
ResumeThread
SetThreadPriority
CreateThread
lstrlenW
GetModuleFileNameW
GetModuleHandleW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
ReadFile
CreateNamedPipeW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
SetThreadLocale
GetThreadLocale
ResetEvent
GetVersionExA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
PropVariantClear
StringFromGUID2

oleaut32

SysFreeString
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
SysStringLen
VarUI4FromStr
SysAllocString

advapi32

OpenServiceW
OpenSCManagerW
StartServiceW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegQueryInfoKeyW
CloseServiceHandle

user32

UnregisterClassA
CharNextW

audioeng

AERT_Allocate
AERT_Free

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 1024B - Virtual size: 811B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_CONST
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d190bc126faefb7bfc455ecb5d844565

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

ole32

oleaut32

advapi32

user32

audioeng

Exports

Exports

Sections

.text Size: 113KB - Virtual size: 113KB

RT_CODE Size: 1024B - Virtual size: 811B

.data Size: 5KB - Virtual size: 6KB

RT_CONST Size: 512B - Virtual size: 412B

RT_DATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 113KB - Virtual size: 113KB

RT_CODE
Size: 1024B - Virtual size: 811B

.data
Size: 5KB - Virtual size: 6KB

RT_CONST
Size: 512B - Virtual size: 412B

RT_DATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 3KB