General

Malware Config

Signatures

Files

• 40274ae41ecda2080362b5359b284eb3f9f9c4a295000df5850afd21069f7c0c

  .dll regsvr32 windows x86

  dfdc55c49892e251458b93526bb4aed8

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetModuleFileNameA

  InterlockedIncrement

  InterlockedDecrement

  InitializeCriticalSection

  DeleteCriticalSection

  CloseHandle

  CreateEventA

  ResetEvent

  DuplicateHandle

  GetCurrentProcess

  GetCurrentThreadId

  SetEvent

  WaitForMultipleObjects

  WaitForSingleObject

  CreateSemaphoreA

  GetLastError

  GetSystemInfo

  VirtualAlloc

  VirtualFree

  FreeLibrary

  LoadLibraryA

  InterlockedExchange

  CreateThread

  GetProcAddress

  GetModuleHandleA

  WideCharToMultiByte

  GetACP

  SetThreadPriority

  GetThreadPriority

  GetCurrentThread

  GetTickCount

  lstrlenA

  DisableThreadLibraryCalls

  GetVersionExA

  MultiByteToWideChar

  GetLocalTime

  EnterCriticalSection

  ReleaseSemaphore

  LeaveCriticalSection

  user32

  wsprintfA

  GetQueueStatus

  MsgWaitForMultipleObjects

  wvsprintfA

  PostThreadMessageA

  DispatchMessageA

  PeekMessageA

  RegisterWindowMessageA

  advapi32

  RegSetValueExA

  RegCreateKeyA

  RegSetValueA

  RegDeleteKeyA

  RegCloseKey

  RegEnumKeyExA

  RegOpenKeyExA

  ole32

  CoTaskMemFree

  CoTaskMemAlloc

  CoInitialize

  CoCreateInstance

  CoFreeUnusedLibraries

  CoUninitialize

  StringFromGUID2

  oleaut32

  SysAllocString

  SysFreeString

  winmm

  timeSetEvent

  timeGetTime

  gdiplus

  GdipCloneImage

  GdiplusStartup

  GdiplusShutdown

  GdipDeleteGraphics

  GdipCreateTexture

  GdipGetGenericFontFamilySansSerif

  GdipCreateHatchBrush

  GdipFillPath

  GdipDeletePen

  GdipDeletePath

  GdipDrawPath

  GdipAddPathString

  GdipCreatePath

  GdipCreatePen1

  GdipDeleteBrush

  GdipDeleteFont

  GdipDeleteStringFormat

  GdipDrawString

  GdipCreateStringFormat

  GdipDeleteFontFamily

  GdipCreateFont

  GdipCreateFontFamilyFromName

  GdipCreateSolidFill

  GdipDisposeImage

  GdipDisposeImageAttributes

  GdipSetImageAttributesColorKeys

  GdipDrawImageRectRect

  GdipSetImageAttributesColorMatrix

  GdipGetImageBounds

  GdipLoadImageFromFile

  GdipDrawImageRectRectI

  GdipCreateImageAttributes

  GdipGetImageGraphicsContext

  GdipCreateBitmapFromGdiDib

  GdipFree

  GdipAlloc

  GdipCloneBrush

  msvcrt

  ??2@YAPAXI@Z

  __CxxFrameHandler

  _purecall

  _ftol

  ??3@YAXPAX@Z

  Exports

  Exports

  DllCanUnloadNow

  DllGetClassObject

  DllRegisterServer

  DllUnregisterServer

  Sections

  .text

  Size: 52KB - Virtual size: 48KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 28KB - Virtual size: 25KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .text

  Size: 196KB - Virtual size: 196KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE