Static task: static1
Behavioral task: behavioral1
Sample: registr.dll
Resource: win7-20221111-en
General
Target: registr.dll
Size: 500KB
MD5: 37ebaa87c26ae0ad610753d894ddad08
SHA1: 3d4701817d75ed690b0de3b903a347a22dd4fac0
SHA256: 0be4ef602d0cf99bcda0b4011b0f83283ab0a9a4ac4d75bdbcb7c83bf464e66d
SHA512: 5e28c8978f40ac938877d696fd1bfe9c44f8581a05f172758c558a50583874a5be6b727ee7ecfb8f7cc31ba85d65746f705a6315821d9d63f1c7d7fe48ef24c1
SSDEEP: 6144:WiMXUN0KYxhW45uHkHZYblO0tY1YjjPyVKKMrAKjoIHF4vojQGvW6i7+n6dWg:WhUC7c45uH1blOo6u8xu3G7++
Files
registr.dll.dll windows x86
e42fab3fd7f83aea3aea34a6aa7b84e9
Headers
DLL Characteristics:
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics:
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Imports
powrprof
  ReadPwrScheme
ws2_32
  select
winspool.drv
  DeletePrinter
clusapi
  GetClusterFromResource
user32
  GetSysColor
  DeleteMenu
gdi32
  LineDDA
  GetTextFaceW
  GetTextExtentPointW
kernel32
  GetBinaryTypeA
  GetPrivateProfileSectionW
  GetModuleHandleW
  WaitForSingleObjectEx
  CloseHandle
  GetCommMask
  GetTickCount
  OutputDebugStringA
  GetSystemTimeAsFileTime
  GetCurrentThreadId
  GetModuleFileNameA
msvcrt
  fputs
  memset
advapi32
  IsTextUnicode
  FindFirstFreeAce
wininet
  FindFirstUrlCacheEntryExA
Sections
.text Size: 152KB - Virtual size: 151KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 292KB - Virtual size: 288KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 38KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 2KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 9KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ