bda6bec6e413e2b3082d0d11f530683923954acc6dbcafed9d99f2cf39cb1000

Sharing

Copy URL Twitter E-mail

General

Target

bda6bec6e413e2b3082d0d11f530683923954acc6dbcafed9d99f2cf39cb1000
Size

112KB
MD5

0976e12839cd7abeb7716bf0607dff52
SHA1

36b4938d70be15d66dbf5a96cc384412da4bad2e
SHA256

bda6bec6e413e2b3082d0d11f530683923954acc6dbcafed9d99f2cf39cb1000
SHA512

16b57e1af0ec1755e1920c66d6ee7b024c2dd172e7c4021ccdaffae30f56a0aacf1fef2cb4510350c9841d046c462cc031e4c64e010463529d31b609e87cdf66
SSDEEP

3072:M8LprK+A+eREaJPb4ePJJc5h0gb35QTO/PL6l4ZRrLdmA8pNp:xpK+A+eREaJPb4exJc5ugD/Wl47dmpX

Score

N/A

Malware Config

Signatures

Files

bda6bec6e413e2b3082d0d11f530683923954acc6dbcafed9d99f2cf39cb1000
.exe regsvr32 windows x64

6b175742b7e0b8c611c063b8e3f637b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

StrRChrA
StrStrIA

advapi32

CryptHashData
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptCreateHash
CryptAcquireContextA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyA
SetServiceStatus
GetUserNameA

user32

CharLowerA
CharNextA
LoadStringA
wvsprintfA

kernel32

GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
CloseHandle
lstrlenA
GetModuleHandleA
GetStringTypeExA
GetThreadLocale
lstrcmpA
ReadFile
GetFileSize
CreateFileA
VirtualQuery
Sleep
SystemTimeToFileTime
GetCurrentProcessId
UnmapViewOfFile
ReleaseMutex
WaitForSingleObject
DuplicateHandle
GetCurrentProcess
OpenProcess
MapViewOfFileEx
VirtualFree
IsBadReadPtr
GetLastError
GetFileTime
GetVolumeInformationA
OpenFileMappingW
lstrlenW
GetComputerNameA
GetProcAddress
LoadLibraryA
FreeLibrary
GetSystemTime
GetModuleFileNameA
lstrcpynA
MoveFileExA
FileTimeToSystemTime
GetTickCount
GetVersionExA
FreeLibraryAndExitThread
CreateThread
CreateEventA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetEnvironmentStringsW
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapFree
HeapSetInformation
HeapCreate
HeapAlloc
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
RaiseException
RtlPcToFileHeader
HeapSize
WriteFile
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoA

ole32

OleUninitialize
CoCreateInstance
OleInitialize
StringFromGUID2

wininet

HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
InternetConnectA
InternetGetConnectedState
InternetCheckConnectionA
InternetReadFile
InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetCloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b175742b7e0b8c611c063b8e3f637b5

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

advapi32

user32

kernel32

ole32

wininet

Exports

Exports

Sections

.text Size: 97KB - Virtual size: 97KB

.data Size: 4KB - Virtual size: 9KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 97KB

.data
Size: 4KB - Virtual size: 9KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB