ObjectMapping[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

ObjectMapping.dll
Size

196KB
MD5

c6dfc3c55535435bf593c7e3e46f400d
SHA1

b4b909f833fd1b3783b3a166d808cc6cafaf1d69
SHA256

d8ea30504798e604025c0aafa13046e729a54c45d32c73281ec57dd7e726fc9e
SHA512

be5643c83d9451b3b76928d4e486873328c3e3a48295f6248cb83d2719b2f3d9cd31a179d8ebde2c30f0d42f1eb163d44507f9a83f70cba994c9596a14ff231c
SSDEEP

3072:Uv7OqkM5raYo4yTF5VCEFhMTsTJBOAtIv0qhePIOlZKIC24ahOL+GWU:k7OqkM5JkF5sELMwFxFlZKp24MO1

Score

N/A

Malware Config

Signatures

Files

ObjectMapping.dll
.dll regsvr32 windows x86

754d0cacd841c929e7d034e38c3efa60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc71u

ord5222
ord3942
ord4562
ord5226
ord5209
ord5562
ord2832
ord4475
ord3327
ord757
ord5829
ord1281
ord1555
ord2364
ord1064
ord1970
ord577
ord870
ord5398
ord2460
ord293
ord1133
ord5231
ord5229
ord2384
ord2394
ord2392
ord2390
ord2386
ord2409
ord2397
ord1647
ord1646
ord1590
ord1536
ord261
ord258
ord5220
ord1472
ord4320
ord2009
ord1007
ord5096
ord566
ord3869
ord4026
ord2876
ord6063
ord5862
ord2893
ord280
ord3927
ord3756
ord3873
ord776
ord5869
ord2311
ord1110
ord2925
ord1911
ord3826
ord5378
ord6215
ord3800
ord5579
ord2054
ord6274
ord3795
ord6272
ord4008
ord4032
ord1571
ord6282
ord5316
ord2340
ord6293
ord5327
ord3249
ord265
ord3189
ord4238
ord1545
ord3165
ord4228
ord1538
ord2080
ord4092
ord1474
ord1922
ord3158
ord2077
ord1925
ord3204
ord3155
ord587
ord3156
ord2985
ord4226
ord2076
ord572
ord3224
ord4255
ord4480
ord3943
ord2638
ord3703
ord3713
ord3712
ord2952
ord2527
ord2640
ord2534
ord2856
ord3677
ord2708
ord4301
ord2829
ord2725
ord2531
ord5196
ord1955
ord5171
ord1353
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2402
ord2407
ord2388
ord2404
ord931
ord927
ord929
ord925
ord920
ord5956
ord1591
ord4276
ord4716
ord3397
ord5210
ord4179
ord6271
ord5067
ord1899
ord5148
ord4232
ord1393
ord3940
ord1608
ord1611
ord5911
ord1562
ord1632
ord2083
ord765
ord315
ord1033
ord1197
ord1199
ord1093
ord371
ord1115
ord1192
ord1168
ord1170
ord1200
ord1087
ord1162
ord581
ord416
ord651
ord658
ord620
ord591
ord266
ord762
ord1908
ord764
ord1178
ord1182
ord314
ord1043
ord2239
ord3824
ord1079
ord1145
ord283

msvcr71

__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__security_error_handler
swprintf
wcscpy
wcsrchr
wcscat
__CxxFrameHandler
memcmp
memset
_except_handler3
_wcslwr
wcsstr
_wcsicmp
memmove
wcscmp
wcstok
_wtol
wcsncpy
wcslen
malloc
realloc
free
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_resetstkoflw
memcpy
_purecall

kernel32

LockResource
GetCurrentProcessId
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
Sleep
GetModuleFileNameW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExW
LoadResource
FindResourceW
GlobalUnlock
GlobalAlloc
GetLastError
lstrlenA
MultiByteToWideChar
SetLastError
HeapAlloc
GetProcessHeap
FlushInstructionCache
GetCurrentProcess
MulDiv
FreeLibrary
LoadLibraryW
lstrcpynW
HeapFree
lstrcpyW
SizeofResource
FindResourceExW
GetProcAddress
GetModuleHandleW
RaiseException
GetCurrentThreadId
GetTickCount
LocalFree
LocalAlloc
ExitProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GlobalLock
InterlockedDecrement

user32

GetClientRect
RegisterClipboardFormatW
EnableWindow
EnumChildWindows
DrawTextW
GetWindow
GetKeyState
PtInRect
UnionRect
MapDialogRect
SystemParametersInfoW
IsDialogMessageW
CopyAcceleratorTableW
SendMessageW
GetParent
MessageBoxW
RegisterWindowMessageW
SetForegroundWindow
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
GetForegroundWindow
SendMessageTimeoutW
GetWindowRect
ScreenToClient
WindowFromPoint
GetDesktopWindow
MapWindowPoints
GetSysColor
GetWindowLongW
GetClassNameW
IsWindowVisible
GetWindowThreadProcessId
EnumWindows
LoadImageW
GetSystemMetrics
InvalidateRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
DestroyWindow
GetDlgItem
GetDC
ReleaseDC
GetDialogBaseUnits
SetWindowContextHelpId
SendDlgItemMessageW
GetNextDlgTabItem
ShowWindow
SetWindowLongW
SetWindowPos
CreateWindowExW
SetFocus
IsWindow
IsChild
GetFocus

gdi32

SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateMetaFileW
GetDeviceCaps
CreateFontIndirectW
GetTextMetricsW
GetTextExtentPointW
GetObjectW
SetBkColor
GetStockObject
DeleteDC
CreateRectRgnIndirect
SelectObject
Rectangle
SetTextColor
SetBkMode
CreateSolidBrush
SetViewportOrgEx
DeleteObject
LPtoDP
SetMapMode

advapi32

RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCloseKey

comctl32

ImageList_ReplaceIcon

ole32

CoTaskMemFree
StringFromCLSID
CoInitialize
CreateStreamOnHGlobal
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemAlloc
CreateOleAdviseHolder
CoCreateInstance
CoGetClassObject

oleaut32

VariantCopy
VarCmp
SysAllocStringByteLen
SafeArrayUnlock
SafeArrayLock
SafeArrayDestroyData
SafeArrayAllocDescriptor
LoadTypeLi
RegisterTypeLi
SafeArrayAllocData
SafeArrayDestroyDescriptor
SafeArrayPutElement
SafeArrayGetElement
OleCreatePropertyFrame
SysAllocStringLen
SysStringLen
VariantChangeType
SysStringByteLen
VariantClear
VariantInit
OleTranslateColor
SysFreeString
SysAllocString
LoadRegTypeLi

atl71

ord56
ord23
ord61
ord64
ord15
ord55
ord49
ord32
ord28
ord30
ord47
ord50
ord51
ord58
ord37
ord66
ord43
ord65
ord31
ord22
ord60
ord18
ord26
ord27
ord48
ord11
ord10
ord54
ord44
ord42

msvcp71

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

754d0cacd841c929e7d034e38c3efa60

Headers

File Characteristics

Imports

mfc71u

msvcr71

kernel32

user32

gdi32

advapi32

comctl32

ole32

oleaut32

atl71

msvcp71

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 32KB - Virtual size: 29KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 32KB - Virtual size: 29KB

.reloc
Size: 12KB - Virtual size: 11KB