DllRegisterServer
Static task
static1
Behavioral task
behavioral1
Sample
b985e5b22bb8e8f23e53a501d795436ebc412e948ec935f6434c6737ebe38e6c.dll
Resource
win7-20221111-en
General
Target
b985e5b22bb8e8f23e53a501d795436ebc412e948ec935f6434c6737ebe38e6c
Size
835KB
MD5
698f22704c0b6015fad6d7c7a8b4bc1d
SHA1
242a6dd25950b4387713b5930cba32fc94a26d61
SHA256
b985e5b22bb8e8f23e53a501d795436ebc412e948ec935f6434c6737ebe38e6c
SHA512
7dc89f927f17e051b0bb66a6c0335de7f74c8fae9b730b0e2b7a5db22b434d6d5953074c0356e6d6e8edb983aa6f155792f3678a99872c0755ce1528220d1c7d
SSDEEP
12288:T6F+DfZxL4+Dir8lkQ5z4hbrmKFX4GfOs5VBNYRbWAUWWvoYPiwBP:T6F+DRt4Tr8lkBhXp2QOU
Malware Config
Signatures
Files
b985e5b22bb8e8f23e53a501d795436ebc412e948ec935f6434c6737ebe38e6c.dll regsvr32 windows x86
9d3467d46ceec8d78b0d336f023ce11c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileA
FindClose
FindFirstFileA
FindNextFileA
SetFileAttributesA
SetFileTime
CloseHandle
ConnectNamedPipe
CreateThread
OpenThread
SuspendThread
ResumeThread
CreateNamedPipeA
CreateActCtxA
ActivateActCtx
RaiseException
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetLastError
SetLastError
GetCurrentThread
GetCurrentThreadId
HeapAlloc
HeapFree
GetModuleHandleW
GetProcAddress
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FreeLibrary
LoadLibraryExW
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
GetModuleHandleExW
GetProcessHeap
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
HeapReAlloc
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
TryEnterCriticalSection
CreateEventW
Sleep
GetTickCount
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleHandleA
GetVersionExW
VirtualAlloc
VirtualFree
VirtualProtect
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
LoadLibraryW
GetModuleFileNameA
FindFirstFileExA
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
DecodePointer
CreateFileW
Exports
Sections
.text Size: 185KB - Virtual size: 184KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 308KB - Virtual size: 308KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 326KB - Virtual size: 329KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ