34a00d3ea5107643d7734988165ac2bb91476b09c913d26dcf468b86f21fed54

Sharing

Copy URL Twitter E-mail

General

Target

34a00d3ea5107643d7734988165ac2bb91476b09c913d26dcf468b86f21fed54
Size

286KB
MD5

e1f9b13fdf741fb3107c05dcc72b0b3c
SHA1

bc0b5ec86208d233b4dbf3f640e603f5566bff54
SHA256

34a00d3ea5107643d7734988165ac2bb91476b09c913d26dcf468b86f21fed54
SHA512

2b8fdb071600abbbf833d42b4ffc9f188d76eb6b50064c08c120fa44d4ad1f5e49b85db69b3fa1e7dae04781ad864f3cc6ce6c2fa0d17216907a2e4be250fe66
SSDEEP

6144:DA6RfKe1KgGVCg+51qJcGHTc3E3cUs/e6mqXey/Pp/Iul5Cl8Y:DA6JKeUkg+5+BHTc3E3cUsmXqXH/B/t4

Score

N/A

Malware Config

Signatures

Files

34a00d3ea5107643d7734988165ac2bb91476b09c913d26dcf468b86f21fed54
.dll regsvr32 windows x86

999775aa0689c53f852102a11caa4867

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsnicmp
_wcsicmp
wcsncmp
iswspace
iswxdigit
bsearch
memset
_vsnwprintf
??1type_info@@UAE@XZ
memcpy
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
_CxxThrowException
free
_callnewh
malloc
iswalpha
wcschr
swscanf

kernel32

UnmapViewOfFile
GetVersionExW
CreateFileMappingW
GetSystemDefaultUILanguage
LoadLibraryExW
FindResourceExW
LoadResource
DelayLoadFailureHook
FindResourceW
SearchPathW
MapViewOfFile
SetUnhandledExceptionFilter
GetSystemDefaultLCID
VerSetConditionMask
VerifyVersionInfoW
SetLastError
WriteFile
GetStringTypeW
CompareStringW
WideCharToMultiByte
MultiByteToWideChar
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
Sleep
InterlockedExchange
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
LoadLibraryA
InterlockedCompareExchange
FreeLibrary
GetDateFormatW
GetTimeFormatW
LocalFree
LocalAlloc
CreateFileW
GetFileTime
CloseHandle
CompareFileTime
CreateDirectoryW
lstrlenA
InterlockedIncrement
InterlockedDecrement
GetUserDefaultUILanguage
lstrcmpW
lstrlenW
IsValidLocale
GetUserDefaultLCID
GetLastError
GetProcAddress
GetModuleHandleW
GetLocalTime
GetLocaleInfoW

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW

ole32

CoTaskMemFree
PropVariantCopy
CoCreateInstance
CoTaskMemAlloc
OleSaveToStream
OleLoadFromStream
PropVariantClear

oleaut32

VarDateFromStr
VarNumFromParseNum
VarParseNumFromStr
VarI4FromStr
SysStringLen
SysFreeString
SysAllocStringLen
VariantCopy
VariantInit
SysAllocString
VarBstrFromDate
VarDateFromUdate
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
BSTR_UserSize
VariantClear
VarUdateFromDate
LPSAFEARRAY_UserUnmarshal

shell32

SHGetFolderPathW

shlwapi

ord212
ord219
ord184
SHCreateStreamOnFileW
SHRegGetValueW

user32

GetKeyboardLayout
LoadStringW

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
NdrStubCall2
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
NdrStubForwardingFunction
CStdStubBuffer_IsIIDSupported

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 425B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

999775aa0689c53f852102a11caa4867

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

ole32

oleaut32

shell32

shlwapi

user32

rpcrt4

Exports

Exports

Sections

.text Size: 213KB - Virtual size: 213KB

.orpc Size: 512B - Virtual size: 425B

.data Size: 62KB - Virtual size: 62KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 213KB - Virtual size: 213KB

.orpc
Size: 512B - Virtual size: 425B

.data
Size: 62KB - Virtual size: 62KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 8KB - Virtual size: 7KB