9e693ac525555f7c8f2cc8c809216bf93ec80b46a12fb88606c7acc439d071af

Sharing

Copy URL Twitter E-mail

General

Target

9e693ac525555f7c8f2cc8c809216bf93ec80b46a12fb88606c7acc439d071af
Size

227KB
MD5

05a2e31def653b0406b88b7a36e4d094
SHA1

f8c9562d329e6cac93fc3ff48d5ef507ce8c7f5b
SHA256

9e693ac525555f7c8f2cc8c809216bf93ec80b46a12fb88606c7acc439d071af
SHA512

a612cb38c2a17670dcbc0920a35569b0af1a02f0cde6bea523bfcff952f1e0024afbad62cda2e1ffdd3b44f963aa2d7e3ccfdd607d2e29dc0e3f6a733e7a8b9d
SSDEEP

6144:wXO8Bi5/RVWgJIICgzeRSnOtjNXn/rLjF6mMJXT:ki5//W0II1C0nOHX/ZVGXT

Score

N/A

Malware Config

Signatures

Files

9e693ac525555f7c8f2cc8c809216bf93ec80b46a12fb88606c7acc439d071af
.dll regsvr32 windows x86

618ffaf12593e2293ce5f6b285fb1d01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
??2@YAPAXI@Z
wcscat
wcscpy
wcslen
_wcsnicmp
_adjust_fdiv
??3@YAXPAX@Z
_initterm
free
wcschr

kernel32

LocalFree
GetComputerNameExW
LocalAlloc
lstrlenW
FormatMessageW
LoadLibraryExW
LoadLibraryW
GlobalLock
GetCurrentProcess
GetComputerNameW
CreateProcessW
GetWindowsDirectoryW
LoadLibraryExA
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
GetProcAddress
FreeLibrary
GetVersionExW
ReleaseMutex
GetModuleFileNameW
CloseHandle
CreateMutexW
QueryPerformanceCounter
WaitForSingleObject
GlobalUnlock

user32

SetWindowTextW
IsWindowEnabled
DestroyIcon
LoadImageW
GetSystemMetrics
WinHelpW
GetParent
DialogBoxParamW
GetWindowLongW
EndDialog
SetWindowLongW
GetFocus
RegisterClipboardFormatW
wvsprintfW
wsprintfW
LoadStringW
MessageBoxW
CheckDlgButton
EnableWindow
GetDlgItem
SetDlgItemTextW
SetRect
MapDialogRect
CreateWindowExW
SendMessageW
LoadCursorW
SetCursor
SetFocus
IsDlgButtonChecked
LoadIconW

oleaut32

SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData

ole32

StringFromCLSID
CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemFree

advapi32

AllocateAndInitializeSid
GetTokenInformation
RegQueryValueExW
AccessCheck
EqualSid
CheckTokenMembership
FreeSid
LookupAccountSidW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
OpenProcessToken
RegOpenKeyExW
RegDeleteKeyW
CopySid
GetLengthSid
IsValidSid
DuplicateToken

comctl32

CreatePropertySheetPageW
ImageList_Create
ImageList_ReplaceIcon
DestroyPropertySheetPage

shell32

ShellExecuteW

netapi32

NetApiBufferFree
NetLocalGroupGetMembers
NetLocalGroupDelMembers
NetLocalGroupAddMembers

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

618ffaf12593e2293ce5f6b285fb1d01

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

oleaut32

ole32

advapi32

comctl32

shell32

netapi32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 168KB - Virtual size: 168KB

.rsrc Size: 37KB - Virtual size: 36KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 168KB - Virtual size: 168KB

.rsrc
Size: 37KB - Virtual size: 36KB

.reloc
Size: 1KB - Virtual size: 1KB