TDSerializeMgr[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

TDSerializeMgr.dll
Size

296KB
MD5

5e0265ef7c137930a8af9d9c14b81123
SHA1

586d16d5a881aff2951cd613cd0c310e12c6f552
SHA256

9947fd39580b8522e4f16f127ac4fa551e826e4b051239d553147450a1e94aad
SHA512

9126e99506cfb4cf506ed4c7b2b29220aebffce751e2b49d6f3e8a5e62b1c8c211bcc6900900b49eef5fe29a420f00faa288b4b6f1cf269702b5b9b6ad402c3a
SSDEEP

6144:82TQkQehvmlPco4Z3Rtzr4T7LOaOqkWa94qRm02mIgVQ6c:8ws8mlPco0Rtzr4T7LOacAmIgVQ6c

Score

N/A

Malware Config

Signatures

Files

TDSerializeMgr.dll
.dll regsvr32 windows x86

ad582fad5193979f70d681db8a2f2a81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyname
inet_ntoa

kernel32

lstrcpynW
CreateDirectoryW
lstrcatW
lstrcpyW
GetFileAttributesExW
DeleteFileW
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
DisableThreadLibraryCalls
Sleep
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
GetDiskFreeSpaceExW
CopyFileW
RaiseException
WideCharToMultiByte
GetTickCount
GetModuleHandleW
CloseHandle
OpenProcess
GetProcAddress
LoadLibraryW
GlobalAlloc
GlobalSize
CreateProcessW
GetPrivateProfileIntW
ReadFile
GetFileSize
CreateFileW
GetACP
IsDBCSLeadByte
GetSystemDefaultLangID
IsDBCSLeadByteEx
GetLastError
LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetTempPathW
GetThreadLocale
GetVersionExW
MultiByteToWideChar
lstrlenA
GetComputerNameW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
InterlockedExchange
FindResourceW
FindResourceExW
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
OutputDebugStringW
GetTempFileNameW
InitializeCriticalSection
lstrlenW

user32

LoadStringW
GetWindowLongW
CallWindowProcW
UnregisterClassA
SetWindowLongW
DestroyWindow
UnregisterClassW
CreateWindowExW
PostMessageW
MessageBoxW
CharLowerW
FindWindowW
GetTopWindow
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
SendMessageW
GetWindowThreadProcessId
GetParent
GetForegroundWindow
RegisterWindowMessageW
SendMessageTimeoutW
SetForegroundWindow
SystemParametersInfoW
RegisterClassW
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
KillTimer
SetTimer
PostThreadMessageW
DefWindowProcW

advapi32

RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW

ole32

CoCreateInstance
CLSIDFromProgID
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoMarshalInterface
CreateStreamOnHGlobal
CoUnmarshalInterface
CoGetClassObject
StgOpenStorage

oleaut32

SysAllocStringByteLen
SysFreeString
SysAllocString
GetErrorInfo
CreateErrorInfo
SysStringByteLen
SysReAllocStringLen
VarBstrCat
DispCallFunc
RegisterTypeLi
VariantChangeType
VarCmp
VariantCopy
LoadTypeLi
LoadRegTypeLi
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetElement
SafeArrayUnlock
SafeArrayLock
VarBstrCmp
SysAllocStringLen
VariantClear
VariantInit
SysStringLen
SetErrorInfo

atl71

ord18
ord11
ord10
ord45
ord44
ord43
ord22
ord58
ord65
ord32
ord66
ord30
ord56
ord15
ord55
ord49
ord23
ord31
ord64
ord61

shlwapi

PathIsRootW
PathStripToRootW
PathRelativePathToW
PathIsUNCW
PathCanonicalizeW

msvcp71

?uncaught_exception@std@@YA_NXZ
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QAE_N_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?id@?$ctype@G@std@@2V0locale@2@A
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
??0_Lockit@std@@QAE@H@Z
?id@?$ctype@D@std@@2V0locale@2@A
??1_Lockit@std@@QAE@XZ
?_Id_cnt@id@locale@std@@0HA
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGD@Z
?_Nomemory@std@@YAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?clear@ios_base@std@@QAEXH_N@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?is@?$ctype@G@std@@QBE_NFG@Z

miclogfile

?MIC_LOG_CHECK_LOG_LEVEL_AND_CATEGORY@@YA_NW4ELogLevel@@J@Z
?MicLogWriteToFile@@YA_NW4ELogLevel@@JPBGJPBD1ZZ
?MicLogWriteToFileHr@@YA_NW4ELogLevel@@JPBGJPBDJ1ZZ

msvcr71

strlen
??0exception@@QAE@XZ
__CxxFrameHandler
??1exception@@UAE@XZ
??3@YAXPAX@Z
_CxxThrowException
wcscmp
free
realloc
??0exception@@QAE@ABV0@@Z
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
??_V@YAXPAX@Z
wcsrchr
wcsstr
_waccess
_vscwprintf
vswprintf
wcslen
memmove
_except_handler3
_purecall
_wsplitpath
wcschr
wcstok
wcscpy
swprintf
wcscat
memcpy
iswalpha
_wremove
fwprintf
_wfopen
memset
wcspbrk
iswspace
wcsncpy
iswdigit
_wtoi
_access
fwrite
fseek
getc
fgetwc
fread
malloc
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
_wcsicmp
_wcsnicmp
strcpy
fclose

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad582fad5193979f70d681db8a2f2a81

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

ole32

oleaut32

atl71

shlwapi

msvcp71

miclogfile

msvcr71

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 16KB - Virtual size: 14KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 16KB - Virtual size: 14KB