7ff9948a0000[.]shlext010x64[.]dll[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7ff9948a0000.shlext010x64.dll.exe
Size

156KB
MD5

72a5abf77915da4a5ba879d43e4c2a95
SHA1

c6feae2b234ebe9fd6db86cc032e6665575ab8a0
SHA256

b35a1d9396994d9701301ef18d0e53dc3f74c2eec8322c939cc4982063952088
SHA512

05356320dc4834c1d45cb2cfcb00a5963b9927ba2f176c8965428e864fe36309e5305d825267a97f53451090553673acb3e0bfee97308f00359a2be64697d857
SSDEEP

3072:gcDMgvVIhARGoCiov0h7rfxlMJFPczVOqJ:TwgtOWCiovk4EzVv

Score

N/A

Malware Config

Signatures

Files

7ff9948a0000.shlext010x64.dll.exe
.dll regsvr32 windows x64

9dc1e1ff3c86dd9b09202a7da69d6ea6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW

gdi32

GetDIBits
DeleteDC
GetObjectW
SetDIBits
CreateCompatibleDC

kernel32

FreeLibrary
lstrcmpiW
LoadLibraryExW
lstrcpynW
LocalAlloc
GetFileAttributesW
GlobalLock
LocalFree
VerSetConditionMask
lstrcpyn
WideCharToMultiByte
GetModuleHandleW
GlobalUnlock
WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
DeleteCriticalSection
GetProcAddress
DecodePointer
FindResourceW
RaiseException
LoadResource
DisableThreadLibraryCalls
GetLastError
MultiByteToWideChar
InitializeCriticalSectionEx
LeaveCriticalSection
EncodePointer
GetModuleFileNameW
EnterCriticalSection
VerifyVersionInfoW
SizeofResource
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
LCMapStringW
FreeEnvironmentStringsW
IsDebuggerPresent
OutputDebugStringW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
InterlockedFlushSList
RtlPcToFileHeader
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FatalExit
GetModuleHandleExW
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW

oleaut32

VarUI4FromStr

shell32

DragQueryFileW
ShellExecuteW

user32

LoadBitmapW
GetMenuItemCount
LoadImageW
CharNextW
MessageBoxW
GetMenuItemInfoW
InsertMenuItemW

combase

CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc

ole32

ReleaseStgMedium

kernelbase

FlsAlloc
FlsSetValue
InitializeCriticalSectionEx

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9dc1e1ff3c86dd9b09202a7da69d6ea6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

oleaut32

shell32

user32

combase

ole32

kernelbase

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 4KB - Virtual size: 8KB

.pdata Size: 6KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 4KB - Virtual size: 8KB

.pdata
Size: 6KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 9KB - Virtual size: 9KB