2f99bd1cbb9a80a4d0c17692e3bcf860db26885bb9e27be023ce96dd006b5861

Sharing

Copy URL

Twitter E-mail

General

Target

2f99bd1cbb9a80a4d0c17692e3bcf860db26885bb9e27be023ce96dd006b5861
Size

329KB
MD5

a131fae0ba3d6f35764c982cb15cc140
SHA1

ba7c5a20faa6b3546431495b6b9e84310c7c71fa
SHA256

2f99bd1cbb9a80a4d0c17692e3bcf860db26885bb9e27be023ce96dd006b5861
SHA512

3abe40e74225dd639b57a00dcfb9cde3cabe889193384059aea916addc6514710356bc7c8178162c3b499b3a472a0567649816b029a944d97c9130ecfa6633c5
SSDEEP

6144:mlaXkAY9JmwBkbheVVmhyw46TpKPfsj7Yaj7aHwO5CkiMQ1q:mlaXkAqJvkbheVVmhywXTgPfsj0aj7nd

Score

N/A

Malware Config

Signatures

Files

2f99bd1cbb9a80a4d0c17692e3bcf860db26885bb9e27be023ce96dd006b5861
.dll regsvr32 windows x86

35983369161a44672f3cd6e708fc961c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
strlen
wcscmp
strncpy
fabs
cos
acos
free
malloc
??2@YAPAXI@Z
sin
memcpy
_purecall
strcmp
memcmp
_CIacos
_CIatan2
_CIcos
_CIsin
_CIsqrt
_CItan
pow
log10
??3@YAXPAX@Z
memset

user32

MessageBoxA

kernel32

WriteFile
SetEndOfFile
GetFileSize
SetFilePointer
GetTickCount
GetVersion
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
RtlUnwind
Sleep
DisableThreadLibraryCalls
GetModuleFileNameA
GetLastError
SetEvent
WaitForSingleObject
WaitForMultipleObjects
CreateEventA
CreateThread
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
CreateFileA
CloseHandle
IsProcessorFeaturePresent
ReadFile
GetOverlappedResult
QueryPerformanceFrequency
HeapAlloc
OutputDebugStringA
GetCurrentThreadId
VirtualProtect
InterlockedIncrement
InterlockedDecrement
GetProcessHeap
HeapFree
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyExA
RegSetValueExA

rpcrt4

RpcStringFreeA
UuidToStringA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

Exports

Exports

ServiceMain
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35983369161a44672f3cd6e708fc961c

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

kernel32

advapi32

rpcrt4

ole32

Exports

Exports

Sections

.text Size: 214KB - Virtual size: 213KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 107KB - Virtual size: 106KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 214KB - Virtual size: 213KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 107KB - Virtual size: 106KB

.reloc
Size: 6KB - Virtual size: 5KB