ParamObjects[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

ParamObjects.dll
Size

320KB
MD5

1a6ec85447e63d0a5d4747d484094880
SHA1

711fc5141597e526610a4746afe04a68f5e460b7
SHA256

a8becef89c37c78ec64e4e7274fd8639ec2c03a407473d8ae01f7ffa05283734
SHA512

87ddc2f05cb4b2a9df88bdfdf2e53038dfdf8c72636f3a971f21406e86b0ee05a4b487ddb19fdbc3428afda3945ad1537001992dc40fc80d6bf6c1f55b50c5df
SSDEEP

6144:d3Hnh3KzaSn+COHSNE23gvKYCelVfkaohFxTUfbad3FZLqfk:xHh3KGSo6F5YCelS/xTUzaRFZL

Score

N/A

Malware Config

Signatures

Files

ParamObjects.dll
.dll regsvr32 windows x86

cd6c335aa463bbaf951faa676f0d4221

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xerces-c_1_6_0

?createXMLReader@XMLReaderFactory@@SAPAVSAX2XMLReader@@XZ
??0DefaultHandler@@QAE@XZ
??1DefaultHandler@@UAE@XZ
?resolveEntity@DefaultHandler@@UAEPAVInputSource@@QBG0@Z
?resetDocument@DefaultHandler@@UAEXXZ
?notationDecl@DefaultHandler@@UAEXQBG00@Z
?unparsedEntityDecl@DefaultHandler@@UAEXQBG000@Z
?resetDocType@DefaultHandler@@UAEXXZ
?endDocument@DefaultHandler@@UAEXXZ
?ignorableWhitespace@DefaultHandler@@UAEXQBGI@Z
?processingInstruction@DefaultHandler@@UAEXQBG0@Z
?setDocumentLocator@DefaultHandler@@UAEXQBVLocator@@@Z
?startDocument@DefaultHandler@@UAEXXZ
?startPrefixMapping@DefaultHandler@@UAEXQBG0@Z
?endPrefixMapping@DefaultHandler@@UAEXQBG@Z
?skippedEntity@DefaultHandler@@UAEXQBG@Z
?warning@DefaultHandler@@UAEXABVSAXParseException@@@Z
?error@DefaultHandler@@UAEXABVSAXParseException@@@Z
?fatalError@DefaultHandler@@UAEXABVSAXParseException@@@Z
?resetErrors@DefaultHandler@@UAEXXZ
?comment@DefaultHandler@@UAEXQBGI@Z
?endCDATA@DefaultHandler@@UAEXXZ
?endDTD@DefaultHandler@@UAEXXZ
?endEntity@DefaultHandler@@UAEXQBG@Z
?startCDATA@DefaultHandler@@UAEXXZ
?startDTD@DefaultHandler@@UAEXQBG00@Z
?startEntity@DefaultHandler@@UAEXQBG@Z

shlwapi

PathIsUNCW
PathIsRelativeW
PathFindExtensionW
PathIsRootW
PathStripToRootW
PathRelativePathToW
PathCanonicalizeW

kernel32

HeapAlloc
HeapDestroy
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
LocalFree
GetProcessHeap
HeapSize
HeapReAlloc
CopyFileW
GetDiskFreeSpaceExW
CreateDirectoryW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
RemoveDirectoryW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
lstrlenA
GetPrivateProfileSectionA
CloseHandle
GetFileSize
CreateFileW
InterlockedIncrement
InterlockedDecrement
ExpandEnvironmentStringsW
GetComputerNameW
lstrcpyW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetModuleFileNameW
lstrcmpiW
DisableThreadLibraryCalls
HeapFree
lstrcatW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
Sleep
FoldStringW
GetCurrentThreadId
GetTickCount
lstrcpynW

user32

LoadStringW
CharNextW
LoadIconW
MessageBoxW

advapi32

RegCloseKey
RegEnumKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW

ole32

CLSIDFromProgID
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoDisconnectObject
WriteClassStm
OleSaveToStream
OleLoadFromStream
StgCreateDocfile
StgOpenStorage
CoGetClassObject
CoCreateInstance

oleaut32

SysReAllocStringLen
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound
LoadRegTypeLi
VarUI4FromStr
DispCallFunc
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
VariantChangeType
SafeArrayCopy
CreateErrorInfo
SetErrorInfo
SafeArrayRedim
VarBstrCat
VarBstrCmp
SafeArrayGetElement
SafeArrayLock
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantInit
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayPutElement
SysAllocStringLen
SafeArrayUnlock
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString
VariantCopy
GetErrorInfo

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Nomemory@std@@YAXXZ

msvcr71

??0exception@@QAE@ABV0@@Z
realloc
free
??3@YAXPAX@Z
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_CxxThrowException
memmove
wcschr
??_V@YAXPAX@Z
fprintf
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__security_error_handler
_callnewh
wcspbrk
fwprintf
_wremove
wcstol
_wtoi
memcpy
iswdigit
iswalpha
iswalnum
memset
_resetstkoflw
wcscat
wcscmp
wcsncpy
_purecall
wcsrchr
wcscpy
swprintf
_except_handler3
malloc
time
srand
_wtol
iswspace
rand
_wcsicmp
wcsstr
vswprintf
_wcsnicmp
_vscwprintf
wcslen
strchr
fclose
_waccess
_wfopen
_errno

miclogfile

?MicLogWriteToFile@@YA_NW4ELogLevel@@JPBGJPBD1ZZ

micpackvariant

?PackVariant@@YAJUtagVARIANT@@PAPAXPAK@Z
?UnpackVariant@@YAJPBXPAUtagVARIANT@@PAK@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd6c335aa463bbaf951faa676f0d4221

Headers

File Characteristics

Imports

xerces-c_1_6_0

shlwapi

kernel32

user32

advapi32

ole32

oleaut32

msvcp71

msvcr71

miclogfile

micpackvariant

Exports

Exports

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 44KB - Virtual size: 42KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 44KB - Virtual size: 42KB

.reloc
Size: 20KB - Virtual size: 19KB