0d0858e6df21f200c6b314cb6804ecb411115fcb5349462022302e330b7ecff6

Sharing

Copy URL Twitter E-mail

General

Target

0d0858e6df21f200c6b314cb6804ecb411115fcb5349462022302e330b7ecff6
Size

467KB
MD5

ec42085316e622cad8bc7cf05e5fe987
SHA1

322f8f6a89c4752ad395671060236bc60955bdb5
SHA256

0d0858e6df21f200c6b314cb6804ecb411115fcb5349462022302e330b7ecff6
SHA512

4ed6bbe17656eb8f5be71cf17f334031b1bf6ba4c6c38b72893968167f5d0e1cb62d47ff6f5a0c28b737eeb4fea6bebc915512b01d461ca534d143e726fe6ae3
SSDEEP

6144:s/aPoZ8fmA5PySozfFWOcR9L97RDw9Rjo/nwpxr+27Qa57d:kMoZhA5PySozfFWOcn97+Xjo/nwi2kq

Score

N/A

Malware Config

Signatures

Files

0d0858e6df21f200c6b314cb6804ecb411115fcb5349462022302e330b7ecff6
.dll regsvr32 windows x86

86fd9ea39152327efed2c899c20b9929

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

msvcrt

_wcslwr
_errno
__CxxFrameHandler
wcsrchr
wcschr
__RTDynamicCast
free
_callnewh
_XcptFilter
_initterm
_amsg_exit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
realloc
memcpy
memmove
mbtowc
__mb_cur_max
isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
_fileno
memset
??0exception@@QAE@XZ
malloc
_purecall
_vsnwprintf
_vscwprintf
_wcsicmp
calloc
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
_wcsnicmp
wcsncmp
bsearch
_lseeki64
_write
_isatty
??0exception@@QAE@ABQBD@Z
_CxxThrowException

setupapi

SetupDiGetINFClassW
SetupDiGetClassDescriptionW

ntdll

RtlUnwind
RtlFreeHeap
RtlAllocateHeap
NtQuerySystemInformation
RtlNtStatusToDosError

kernel32

LoadLibraryExW
MapViewOfFile
CreateFileMappingW
GetVersionExW
GetLocaleInfoW
UnmapViewOfFile
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
SearchPathW
GetFileSize
LocalAlloc
LocalFree
FindNextFileW
FindFirstFileW
FindClose
DeviceIoControl
SetLastError
GetDateFormatW
GetFileAttributesW
GetFullPathNameW
CreateFileW
CloseHandle
FormatMessageW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
SetThreadLocale
GetThreadLocale
SetThreadUILanguage
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
MultiByteToWideChar
OutputDebugStringW
GetCurrentProcessId
FreeLibrary
HeapFree
GetProcessHeap
lstrcmpiW
FileTimeToSystemTime
CompareStringW
InterlockedCompareExchange
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
Sleep
OutputDebugStringA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegUnLoadKeyW
RegLoadKeyW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegEnumKeyW
RegEnumValueW

user32

UnregisterClassA
LoadStringW
CharNextW
CharLowerBuffW

ole32

CoCreateInstance
CoTaskMemFree
ProgIDFromCLSID
StringFromGUID2

oleaut32

CreateErrorInfo
SysStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SysAllocStringByteLen
SysStringByteLen
VarBstrCmp
SysAllocStringLen
GetErrorInfo
SetErrorInfo
LoadRegTypeLi
VariantClear
SysFreeString

wdscore

ConstructPartialMsgVW
WdsSetupLogMessageW
CurrentIP

Exports

Exports

DLLGetDISMProviderCLSID
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86fd9ea39152327efed2c899c20b9929

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

setupapi

ntdll

kernel32

advapi32

user32

ole32

oleaut32

wdscore

Exports

Exports

Sections

.text Size: 254KB - Virtual size: 253KB

.data Size: 173KB - Virtual size: 271KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 254KB - Virtual size: 253KB

.data
Size: 173KB - Virtual size: 271KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 20KB - Virtual size: 19KB