dbd40ca984dd9ddec9c16a8f25a575fa853a22e3460c459813cf53d9aedca5c5

Sharing

Copy URL

Twitter E-mail

General

Target

dbd40ca984dd9ddec9c16a8f25a575fa853a22e3460c459813cf53d9aedca5c5
Size

92KB
MD5

cb8aa90bd37b72d0daca3491250b035e
SHA1

7e590a894b7e78ad285f1c8f5c3c27574c977035
SHA256

dbd40ca984dd9ddec9c16a8f25a575fa853a22e3460c459813cf53d9aedca5c5
SHA512

5aadb553fa73c3f3b8cefe269ecd9c8210a77d23427fd1b8334c8f8fcb16d6757becc3230198d07ae550cf7dd8a085c14fef7ea02d4c605a3e3a5a39d82e95d3
SSDEEP

1536:Ngk5xvsQXF14taUVOG8xV8RBT/SC8N/15pTieREQ3YnLXGZlHl8Zfxxf:5vsQXYbVOG8xyPc1TTJD32pxf

Score

N/A

Malware Config

Signatures

Files

dbd40ca984dd9ddec9c16a8f25a575fa853a22e3460c459813cf53d9aedca5c5
.dll regsvr32 windows x86

9f61da32222901ed4623c93cd1839fd3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
GetTempPathW
TryEnterCriticalSection
GetModuleFileNameW
SetCurrentDirectoryA
GetProfileIntA
LocalAlloc
IsProcessorFeaturePresent
EnumResourceNamesW
GetThreadTimes
UpdateResourceA
HeapValidate
ProcessIdToSessionId
RtlMoveMemory
CreateRemoteThread
GetProfileStringA
GetShortPathNameA
PeekConsoleInputA
GlobalDeleteAtom
SizeofResource
WideCharToMultiByte
GetUserDefaultLangID
ReadConsoleInputA
FreeResource
QueueUserAPC
CopyFileExW
GetDiskFreeSpaceExW
SetComputerNameExW
CompareStringA
TerminateThread
WriteProfileStringW
FindNextFileW
WaitNamedPipeW
HeapReAlloc
lstrcmpiW
CreateTimerQueueTimer
UnlockFileEx
IsBadHugeReadPtr
FillConsoleOutputCharacterW
GetFileSize
GetExitCodeThread
WriteConsoleW
GetCommandLineA
CreateNamedPipeW
GetProfileIntW
SetHandleCount
GetDefaultCommConfigW
VirtualAlloc
GetVersion
RegisterWaitForSingleObject
GetVolumeInformationA
SetConsoleCursorPosition
ReadConsoleW
GetConsoleOutputCP
GetVersionExA
SetEnvironmentVariableW
GetAtomNameA
GetStringTypeA
EnumResourceLanguagesW
UnregisterWait
LocalLock
GetDriveTypeA
WriteProcessMemory
OpenSemaphoreA
GetAtomNameW
GetNumberFormatA
IsValidCodePage
AssignProcessToJobObject
FlushFileBuffers
ClearCommError
FindVolumeMountPointClose
LockFileEx
lstrcmpA
SetConsoleMode
SetVolumeMountPointW
GetWindowsDirectoryA
CopyFileW
GetNumberFormatW
SetEnvironmentVariableA
FindClose
FindFirstFileExW
FreeEnvironmentStringsW
GetCurrentDirectoryW
SuspendThread
GetFileInformationByHandle
SetStdHandle
AllocConsole
SearchPathA
GlobalHandle
VirtualUnlock
OpenThread
SetLocalTime
VerSetConditionMask
HeapCreate
WriteConsoleInputA
FindFirstChangeNotificationW
GetSystemPowerStatus
ReplaceFileW
GetCommandLineW
GetWindowsDirectoryW
RtlUnwind
GetDriveTypeW
GetComputerNameExW
GetComputerNameW
GetSystemDefaultLangID
PeekConsoleInputW
FindNextVolumeMountPointW
GetTempPathA
VirtualFree
GetSystemInfo
TransactNamedPipe
QueueUserWorkItem
OpenFileMappingA
GetCurrentThread
LockFile
RaiseException
GetConsoleMode
SetVolumeLabelA
GetFullPathNameA
WriteFile
GetModuleFileNameA
MapViewOfFile
GetSystemTimeAsFileTime
VirtualQuery
InterlockedDecrement
CreateThread
LocalFree
UnmapViewOfFile
GetLastError
GetComputerNameA
InterlockedIncrement
CreateDirectoryA
WaitForSingleObject
LeaveCriticalSection
HeapFree
GetCurrentProcessId
ReadFile
MoveFileA
GetProcAddress
GetTickCount
CopyFileA
Sleep
EnterCriticalSection
DeleteFileA
CreateFileA
CreateFileMappingA
GetModuleHandleA
GetProcessHeap
VirtualProtect
CreateProcessA
ReleaseMutex
GlobalAlloc
GetSystemDirectoryW
LoadLibraryA

advapi32

QueryServiceLockStatusA
ReadEventLogW
ClearEventLogW
RegLoadKeyA
RegEnumValueA
RegConnectRegistryW
RegDeleteKeyW
RegEnumKeyExW
NotifyChangeEventLog
StartServiceW
RegEnumKeyA
CreateProcessWithLogonW
CreateProcessAsUserW
ChangeServiceConfigW
MakeAbsoluteSD
IsTokenRestricted
RegOpenKeyA
ChangeServiceConfig2W
RegOpenKeyW
ImpersonateAnonymousToken
EnumDependentServicesW
CreateServiceW
EnumDependentServicesA
RegEnumKeyW
RegOpenCurrentUser
RegisterServiceCtrlHandlerExA
QueryServiceConfigA
OpenSCManagerA
GetUserNameW
RegNotifyChangeKeyValue
EnumServicesStatusExW
RevertToSelf
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegCreateKeyExA
RegQueryInfoKeyA
SetNamedSecurityInfoA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f61da32222901ed4623c93cd1839fd3

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB