c0cc65c2bd66cc2c376cbccfef2323d5c0d752f1af81a743a1e29f2c09590b26

Sharing

Copy URL

Twitter E-mail

General

Target

c0cc65c2bd66cc2c376cbccfef2323d5c0d752f1af81a743a1e29f2c09590b26
Size

426KB
MD5

ea28640f5b8a710e53617712c7c83089
SHA1

9fc1f3b2f13508bb892d3113f5a48ba6e5a1cba3
SHA256

c0cc65c2bd66cc2c376cbccfef2323d5c0d752f1af81a743a1e29f2c09590b26
SHA512

7b28a936b9c6bf1c2e5da194ec7bcd3691c05a3db06bdd2d64bda9313adfc776dec3f26fca331e78cb07743af6d1c5b4bdd13a763bbf3190a84853ab85abba7a
SSDEEP

6144:Cc9BlQTLzhMBFErH5FNVublfQrN83ZgJA4t+nxeeiZAQ7LxR+fvGuwcQBPkY2dRS:PHlm8+3Olf+Yct+xANsvXqPj2qW5Md0

Score

N/A

Malware Config

Signatures

Files

c0cc65c2bd66cc2c376cbccfef2323d5c0d752f1af81a743a1e29f2c09590b26
.dll regsvr32 windows x64

172b5f6c58277735e20184a31e367ef8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

TranslateMessage
DefWindowProcW
UpdateWindow
MessageBoxW
CreateWindowExW
EndPaint
DestroyWindow
TranslateAcceleratorW
GetMessageW
PostQuitMessage
LoadCursorW
BeginPaint
DispatchMessageW
GetTouchInputInfo
RegisterClassExW
RegisterTouchWindow
InvalidateRect
CloseTouchInputHandle
LoadStringW
ShowWindow
UnregisterTouchWindow

gdi32

LineTo
DeleteObject
SelectObject
Polyline
CreatePen
MoveToEx

ole32

CoUninitialize
CoInitialize
CoLoadLibrary
CoCreateInstance

kernel32

WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
CloseHandle
IsValidLocale
GetLocaleInfoW
LCMapStringW
HeapReAlloc
CreateFileW
ReadFile
ReadConsoleW
GetUserDefaultLCID
GetFileType
OutputDebugStringW
LoadLibraryExW
GetCPInfo
GetLastError
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
WideCharToMultiByte
GetProcessHeap
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP

Exports

Exports

DllRegisterServer

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

172b5f6c58277735e20184a31e367ef8

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 118KB - Virtual size: 118KB

.rdata Size: 288KB - Virtual size: 288KB

.data Size: 8KB - Virtual size: 19KB

.pdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 632B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 288KB - Virtual size: 288KB

.data
Size: 8KB - Virtual size: 19KB

.pdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 632B

.reloc
Size: 2KB - Virtual size: 2KB