General

Malware Config

Signatures

Files

• aba55ba555f43f1fccb63b640c87a347bbca236bf19107dd1f33412cefb03baa

  .dll regsvr32 windows x86

  3e8400d480c62c8611127c84bfbb51b7

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  LoadLibraryA

  CloseHandle

  VirtualAlloc

  CreateEventW

  InterlockedExchange

  lstrlenW

  MultiByteToWideChar

  lstrlenA

  GetLastError

  GetModuleFileNameA

  GetVersionExW

  DisableThreadLibraryCalls

  lstrcpynW

  InterlockedIncrement

  InterlockedDecrement

  ResetEvent

  SetThreadPriority

  FreeLibrary

  GetProcAddress

  GetModuleHandleW

  SetEvent

  WaitForSingleObject

  Sleep

  DeleteCriticalSection

  InitializeCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  user32

  wsprintfW

  advapi32

  RegDeleteKeyW

  RegEnumKeyExW

  RegOpenKeyExW

  RegSetValueExW

  RegSetValueW

  RegCreateKeyW

  RegCloseKey

  ole32

  StringFromGUID2

  CoFreeUnusedLibraries

  CoCreateInstance

  CoInitialize

  CoTaskMemFree

  CoUninitialize

  CoTaskMemAlloc

  msvcrt

  _adjust_fdiv

  malloc

  _initterm

  free

  _wtoi

  _purecall

  __CxxFrameHandler

  ??2@YAPAXI@Z

  Exports

  Exports

  DllCanUnloadNow

  DllGetClassObject

  DllRegisterServer

  DllUnregisterServer

  Sections

  .text

  Size: 32KB - Virtual size: 30KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 8KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 584B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 104KB - Virtual size: 102KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ