fea7c8c7679ae409cfdf46fe89137f61ec315a281eda7d2a8dfb6e3090f4ad59

Sharing

Copy URL Twitter E-mail

General

Target

fea7c8c7679ae409cfdf46fe89137f61ec315a281eda7d2a8dfb6e3090f4ad59
Size

125KB
MD5

02dac02392d3d5f9c38b98b9aad5e010
SHA1

f8fd04a02f433f43403adf24751d6720b936565a
SHA256

fea7c8c7679ae409cfdf46fe89137f61ec315a281eda7d2a8dfb6e3090f4ad59
SHA512

743311daf6c35d8fbaadbf1fa8f5b71900892a7a1269c7f8fef3a6e964ad6bd481556545b4d60f598250b940b11c3b8d120c3ca8db313a437832ebcdeaefaa56
SSDEEP

3072:YLn1seIyfS3s1zIOMrz/VkP+21jy4GQAIH1IJIVF:Cn1sUSIzIO0z/VvYjEKVIm

Score

N/A

Malware Config

Signatures

Files

fea7c8c7679ae409cfdf46fe89137f61ec315a281eda7d2a8dfb6e3090f4ad59
.dll regsvr32 windows x86

0f6924e350c6927f2e1ead8b3c6f9c05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTickCount
SetEvent
MulDiv
CreateThread
DuplicateHandle
QueueUserAPC
CreateSemaphoreW
QueryPerformanceCounter
ResetEvent
lstrcmpW
CreateEventW
DisableThreadLibraryCalls
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
FreeLibrary
GetCurrentThread
lstrcpynW
GetModuleFileNameW
lstrlenW
lstrcatW
HeapDestroy
WaitForSingleObject
GetCurrentProcess
CloseHandle
GetCurrentThreadId
lstrlenA
MultiByteToWideChar
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
lstrcpyW
ReleaseSemaphore

user32

CharNextW
wsprintfW
IsRectEmpty

advapi32

RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

oleaut32

VariantInit
SysStringLen
SysFreeString
VariantClear
SysAllocString
VariantChangeType
VarI4FromStr
LoadTypeLi
RegisterTypeLi
SetErrorInfo
LoadRegTypeLi
SysAllocStringLen

ddraw

DirectDrawCreate

msvcrt

_adjust_fdiv
_initterm
_purecall
free
??2@YAPAXI@Z
realloc
??3@YAXPAX@Z
malloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f6924e350c6927f2e1ead8b3c6f9c05

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ddraw

msvcrt

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 56KB - Virtual size: 56KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 4KB