e10fe94b39278bc5e0166189450e0618857afc11e21d2ec5a5913c581b0ba88c

General

Target

e10fe94b39278bc5e0166189450e0618857afc11e21d2ec5a5913c581b0ba88c
Size

30KB
MD5

1942aecc4f3bbb779a2c556f3f2165d0
SHA1

2f820852cbfdb10a366dd8bb7307e7334583f4ca
SHA256

e10fe94b39278bc5e0166189450e0618857afc11e21d2ec5a5913c581b0ba88c
SHA512

f77e3ecbcf83c9857ea4238fd1616a9d0a8282553cf69cb90c39ba7ba04861558e20b412bfe7f458a3331e32128c9c79d875db0e0456c4b7cbbfbd2c4f0d6245
SSDEEP

768:e8JWtDh4npIPeeFeHmXFaNP8sa7wUW0O81RJq2z:/WnPDRVyEDe0O6q2

Score

N/A

Malware Config

Signatures

Files

e10fe94b39278bc5e0166189450e0618857afc11e21d2ec5a5913c581b0ba88c
.dll regsvr32 windows x86

fb9a2aa70884ba53fc56bf50e0159cb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
gethostbyname

kernel32

VirtualProtect
InterlockedIncrement
InterlockedDecrement
MoveFileExA
MoveFileA
DeleteFileA
SetFileAttributesA
WritePrivateProfileStringA
GetShortPathNameA
GetTickCount
FindClose
FindFirstFileA
GetSystemDirectoryA
GetWindowsDirectoryA
ExpandEnvironmentStringsA
CloseHandle
UnmapViewOfFile
GetCurrentProcess
CreateFileMappingA
GetFileSize
CreateFileA
GetVersion
WriteProcessMemory
DisableThreadLibraryCalls
GetTempPathA
WideCharToMultiByte
AreFileApisANSI
IsBadStringPtrA
IsBadReadPtr
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
GetSystemTimeAsFileTime
ReadFile
WriteFile
LoadLibraryA
GetProcAddress
MapViewOfFile
GetModuleFileNameA

advapi32

RegQueryValueExA
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

rpcrt4

UuidFromStringA
UuidCreate

shlwapi

SHDeleteKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb9a2aa70884ba53fc56bf50e0159cb2

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

rpcrt4

shlwapi

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 25KB

.rdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 696B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 25KB

.rdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 696B

.reloc
Size: 1KB - Virtual size: 1KB