c168ebc503fa8ed3ff6bc8411ab432910960b921aaad953c85f9566e812cce83

Sharing

Copy URL

Twitter E-mail

General

Target

c168ebc503fa8ed3ff6bc8411ab432910960b921aaad953c85f9566e812cce83
Size

462KB
MD5

800f0bfcd7079f49d7d4156b63324255
SHA1

e1d74def2ab47c3597db1a00aa8321eedf50d8b5
SHA256

c168ebc503fa8ed3ff6bc8411ab432910960b921aaad953c85f9566e812cce83
SHA512

3301f64f645a5b63d441a298256ea8b5be8de30f5b9fd8a67fbe27e0a778ac23da9b1a1aa60b2612cf44521ce17ff67da432b582b493b7967a24260865a63fb4
SSDEEP

6144:ZJjyfqVp/PNWmioPQF6rM1YtxbexMo2C5qu7hrYTAJAaBLH:Z2qVptDisM1Qxb

Score

N/A

Malware Config

Signatures

Files

c168ebc503fa8ed3ff6bc8411ab432910960b921aaad953c85f9566e812cce83
.dll regsvr32 windows x86

9c9c1c771a128370594ae1e79f8660d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_unlock
realloc
??1type_info@@UAE@XZ
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
__dllonexit
_errno
mbtowc
__CxxFrameHandler
_vscwprintf
floor
_wtof
wcsrchr
wcsstr
_wcsicmp
iswspace
wcschr
wcstoul
strtoul
strtol
wcstol
calloc
_vsnwprintf
memset
malloc
_CxxThrowException
_lock
_onexit
memmove
isdigit
isspace
__mb_cur_max
isleadbyte
isxdigit
localeconv
_iob
_snprintf
_itoa
wctomb
free
memcpy
wcstok
ferror
iswctype
wcstombs
__badioinfo
__pioinfo
_read
_fileno
_lseeki64
_write
_isatty
ungetc
_wtol

advapi32

RegEnumValueW
TraceEvent
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegQueryValueExW

kernel32

GetVersion
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetSystemDefaultLCID
IsDBCSLeadByte
SystemTimeToTzSpecificLocalTime
FindResourceExW
GetTempFileNameW
GetTempPathW
lstrcmpW
CompareStringA
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
WideCharToMultiByte
InterlockedCompareExchange
lstrlenA
MulDiv
CompareStringW
DeleteFileW
GetModuleHandleW
LoadLibraryExW
LoadResource
SizeofResource
MultiByteToWideChar
lstrcmpiW
DisableThreadLibraryCalls
GetModuleFileNameW
GetLastError
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
lstrlenW
LoadLibraryW
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
LocalFree
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
OutputDebugStringA
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FindResourceW
Sleep
LockResource
RaiseException

user32

UnregisterClassA
CharNextW

ole32

CLSIDFromString
CoGetMalloc
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
PropVariantCopy
PropVariantClear

gdi32

DeleteObject
CreateDIBSection

rpcrt4

IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
NdrOleFree
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
IUnknown_AddRef_Proxy

windowscodecs

WICConvertBitmapSource

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 51B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c9c1c771a128370594ae1e79f8660d8

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

ole32

gdi32

rpcrt4

windowscodecs

Exports

Exports

Sections

.text Size: 147KB - Virtual size: 146KB

.orpc Size: 512B - Virtual size: 51B

.data Size: 64KB - Virtual size: 68KB

.rsrc Size: 241KB - Virtual size: 241KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 147KB - Virtual size: 146KB

.orpc
Size: 512B - Virtual size: 51B

.data
Size: 64KB - Virtual size: 68KB

.rsrc
Size: 241KB - Virtual size: 241KB

.reloc
Size: 8KB - Virtual size: 7KB