1bc781130f5722aaa8bc888aac935355f7b70476e39e815ee10dbb35ac580f3b

Sharing

Copy URL

Twitter E-mail

General

Target

1bc781130f5722aaa8bc888aac935355f7b70476e39e815ee10dbb35ac580f3b
Size

251KB
MD5

83e421381e9156926897f78a07264413
SHA1

88d13760afdf1e21ab2c0ab49729f58e5b843d04
SHA256

1bc781130f5722aaa8bc888aac935355f7b70476e39e815ee10dbb35ac580f3b
SHA512

66971bcfeee77552764212a4ba0401670f3485c1a9700a943384639d192e6fb8c27e9cd49c651db79e937abd3d1eb053f4c59c64a1caea2eac163557050b9647
SSDEEP

6144:VsYtrO/EbqEaYSFrP/SQtSDDMoEVDWeDny:VTta/qaYSFGwBVDWgn

Score

N/A

Malware Config

Signatures

Files

1bc781130f5722aaa8bc888aac935355f7b70476e39e815ee10dbb35ac580f3b
.dll regsvr32 windows x86

11e31f15b63faf1a7bd9ced1dc027d5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

isleadbyte
_vscwprintf
_purecall
_wtol
free
malloc
memset
wcsstr
wcschr
wcsrchr
_wcslwr
_wcsicmp
_isatty
_write
_wtoi
_ltow
_vsnwprintf
_vsnprintf
_mktime64
_time64
wcsftime
_localtime64
strrchr
strncmp
fprintf
_lseeki64
_fileno
__pioinfo
__badioinfo
ferror
wctomb
_itoa
_snprintf
_iob
_CxxThrowException
__mb_cur_max
mbtowc
memmove
memcpy
realloc
_onexit
_lock
__dllonexit
_unlock
??1type_info@@UAE@XZ
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
_wcsupr
_errno
__CxxFrameHandler
calloc

mapi32

ord23
ord21
ord11
ord75
ord140
ord17
ord135
ord171
ord170
ord50
ord49

advapi32

RegEnumValueW
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RevertToSelf
OpenThreadToken
ImpersonateLoggedOnUser
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSecurityDescriptorLength
LookupAccountSidW
OpenProcessToken
GetTokenInformation
ConvertSidToStringSidW
RegCreateKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW

oleaut32

VariantChangeType
VariantClear
VariantInit
VarUI4FromStr
SafeArrayGetElement
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString
SafeArrayGetUBound
SafeArrayGetLBound
RegisterTypeLi
SysAllocStringLen

ole32

CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoTaskMemAlloc
CoWaitForMultipleHandles
CoTaskMemRealloc
CoTaskMemFree
CreateStreamOnHGlobal
CoSetProxyBlanket
CoUninitialize
CoInitializeEx

user32

UnregisterClassA
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
PeekMessageW
CharNextW

kernel32

WriteFile
FlushFileBuffers
MoveFileW
CreateFileW
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileW
FindNextFileW
FindClose
SetLastError
DeleteFileW
GetModuleHandleExW
OpenProcess
LocalFree
SetUnhandledExceptionFilter
DeviceIoControl
LocalAlloc
FormatMessageW
CreateFileA
GetLocalTime
FlushViewOfFile
DeleteFileA
CreateEventW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
RtlUnwind
OutputDebugStringA
Sleep
lstrlenA
GetVersionExW
GetCurrentThread
OutputDebugStringW
WideCharToMultiByte
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
CopyFileA
HeapDestroy
GetVersionExA
LoadLibraryA
InterlockedCompareExchange
DelayLoadFailureHook
CreateSemaphoreW
CreateThread
WaitForMultipleObjectsEx
UnmapViewOfFile
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
OpenMutexW
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexW
InterlockedIncrement
InterlockedDecrement
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLastError
GetModuleFileNameW
lstrcmpiW
DisableThreadLibraryCalls
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
GetModuleHandleW
GetTickCount
CompareFileTime
GlobalFree
GlobalAlloc
SetEvent
GetProcAddress
LoadLibraryW
VerifyVersionInfoW
VerSetConditionMask
CompareStringW
MapViewOfFile
CreateFileMappingW
ReleaseSemaphore

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11e31f15b63faf1a7bd9ced1dc027d5f

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

mapi32

advapi32

oleaut32

ole32

user32

kernel32

Exports

Exports

Sections

.text Size: 186KB - Virtual size: 186KB

.data Size: 54KB - Virtual size: 53KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 186KB - Virtual size: 186KB

.data
Size: 54KB - Virtual size: 53KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 7KB - Virtual size: 6KB