7af436899ccfd2137de00b2d4557986b9c3c131f1a8c98f103a14c6cb5a61065

General

Target

7af436899ccfd2137de00b2d4557986b9c3c131f1a8c98f103a14c6cb5a61065
Size

112KB
MD5

e9f8a49853d2921d5c2a77f439258150
SHA1

688d0c991d05e0e8e2623c14079b9fdeabde35e8
SHA256

7af436899ccfd2137de00b2d4557986b9c3c131f1a8c98f103a14c6cb5a61065
SHA512

86fe83addd853e4c81317482c8109c27723035b52b3868654fa9cb5a0af7edccaac3b1138fd7a73108d12bc0f357bf954117fbb5a1a50d5faa0b7c6958ca05ee
SSDEEP

1536:0O5vil+fa/ckqamqmCimxb/9+9M1TlfGMmW1i6r1KqfQzUQN0hvOKgzj7UjJ3i+Z:R5fpkqafmCbxT9kM1w3W34+QzRaBN

Score

N/A

Malware Config

Signatures

Files

7af436899ccfd2137de00b2d4557986b9c3c131f1a8c98f103a14c6cb5a61065
.dll regsvr32 windows x86

5c854b3345b13fe26b28053458c7ac73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
FindNextChangeNotification
MoveFileW
WideCharToMultiByte
GlobalDeleteAtom
lstrlenW
GetFileAttributesW
LoadLibraryA
SetThreadPriority
CreateEventW
CreateFileW
GlobalUnlock
LoadResource
GetModuleHandleW
FindFirstFileW
FreeLibrary
DuplicateHandle
GetLocalTime
ResetEvent
GetVersion
GetModuleFileNameW
GetTickCount

user32

LoadCursorW
OffsetRect
DestroyIcon
LoadImageW
SendMessageW
LoadBitmapW
RegisterClassExW
WindowFromPoint
SetCursorPos
SendDlgItemMessageW
UpdateWindow
GetParent
SystemParametersInfoW
GetKeyState
RegisterHotKey
ReleaseCapture
FillRect
SetDlgItemTextW
ReleaseDC
PostQuitMessage

gdi32

SelectObject
LineTo
CreateDCW
CreateCompatibleBitmap
GetClipBox
SetBkMode
CreateFontIndirectW
StretchBlt

advapi32

RegOpenKeyExW
GetUserNameW
RegSetValueExW
SetSecurityDescriptorDacl
RegCloseKey

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.mshxje
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xzql
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nopz
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c854b3345b13fe26b28053458c7ac73

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.mshxje Size: 92KB - Virtual size: 89KB

.xzql Size: 4KB - Virtual size: 1KB

.nopz Size: 4KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.mshxje
Size: 92KB - Virtual size: 89KB

.xzql
Size: 4KB - Virtual size: 1KB

.nopz
Size: 4KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB