97e3f2f16e5f968bd49a4ee892d8d173043c2420648fc0a01e396c1e61ca268c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97e3f2f16e5f968bd49a4ee892d8d173043c2420648fc0a01e396c1e61ca268c
Size

100KB
MD5

c9a2e1343c694a90a12cf8bfebb9e433
SHA1

b5401813cca411c5d43bc7bf53cbfc5aa25d2b31
SHA256

97e3f2f16e5f968bd49a4ee892d8d173043c2420648fc0a01e396c1e61ca268c
SHA512

a5e9f25e3d16a3bb43d0e87801e7689a1850e41e78246e64d6bc7236d6092fedf6e2f5edaedb02b21e1705358d9bd7d1161b05b616566272a4d7bb4bb72559f2
SSDEEP

1536:li5NZbVh9BQxGUZssn+0YrITxGsMg8osHjs+5T6RIa2KjSAZX58Ld5:lij5H9qx7ssnBYrINELT2RIa2vAfyP

Score

N/A

Malware Config

Signatures

Files

97e3f2f16e5f968bd49a4ee892d8d173043c2420648fc0a01e396c1e61ca268c
.dll regsvr32 windows x86

7b31eaa6071264fea09f88d924f0bcd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
SetLastError
FindFirstFileW
GetCurrentThread
GetCurrentThreadId
GetProcAddress
VirtualFree
lstrcpyW
ReadProcessMemory
InterlockedDecrement
QueryDosDeviceW
GlobalDeleteAtom
LoadLibraryA
CreateProcessW
CancelWaitableTimer
FreeResource
GetLocalTime
GetLastError
CreateEventW
VirtualAlloc
SuspendThread
FileTimeToSystemTime
GetCurrentProcess
GetModuleFileNameW
FindNextChangeNotification
SetThreadPriority
LoadResource
GlobalUnlock

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.xfraxes
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.oheojeh
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hldwrtr
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ