ViewerGen[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

ViewerGen.dll
Size

212KB
MD5

e469031735a0c9d443bfdba49fe63a88
SHA1

24dfa2e6315ed8aa69720c96c46eba63cc19329f
SHA256

e9e0d21be4b5d7731907ce8b58ff043197c1e955b91aebcd9990a94be7f004b5
SHA512

cacf46106e093c98ccaa16ab03754f40089944186e9337ae0df390af97d2438d7693091e6039356bf440329381ec875c94b6e507257dc7f3a9951738b884515d
SSDEEP

3072:YoOhEZWN3ASNOto7gqxtQW5AXPB47SHHVLz3blq41i6+zD689RYpnXe:HiEZWSSMi7KW5oPnJzv+zD687Y

Score

N/A

Malware Config

Signatures

Files

ViewerGen.dll
.dll regsvr32 windows x86

2b4d7096b8a1ace39dc175e08c62dae5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetVersionExW
GlobalLock
GlobalUnlock
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
HeapAlloc
FreeLibrary
LoadLibraryW
GetProcAddress
GetProcessHeap
HeapFree
WideCharToMultiByte
GetLastError
GetModuleFileNameW
MultiByteToWideChar
InterlockedDecrement
FlushInstructionCache
GetCurrentProcess
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
LocalFree
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrlenA
Sleep
InterlockedIncrement
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
lstrlenW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RaiseException

user32

SetWindowPos
SetWindowLongW
GetWindowLongW
DestroyWindow
wsprintfW
DefWindowProcW
GetKeyState
PtInRect
UnionRect
ShowWindow
IsChild
GetFocus
SetFocus
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
EndPaint
BeginPaint
CallWindowProcW
CreateWindowExW
InvalidateRect
GetClassNameW
IsWindowVisible
IsWindow
GetParent
GetSystemMetrics
GetClientRect
MessageBeep
LoadStringW
ScreenToClient
RedrawWindow

gdi32

GetDeviceCaps
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateMetaFileW
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
SetTextAlign
TextOutW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
RegCloseKey

ole32

CoTaskMemAlloc
CreateOleAdviseHolder
StringFromCLSID
CoTaskMemFree
OleRun
CLSIDFromString
CoCreateInstance
CLSIDFromProgID
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs

oleaut32

SysReAllocStringLen
OleCreatePropertyFrame
DispCallFunc
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SafeArrayUnlock
SafeArrayLock
SafeArrayDestroyData
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayDestroyDescriptor
SafeArrayPutElement
SafeArrayGetElement
SafeArrayRedim
VariantCopy
VarCmp
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString
GetErrorInfo

atl71

ord30
ord32
ord66
ord65
ord18
ord10
ord11
ord42
ord47
ord48
ord40
ord23
ord61
ord56
ord64
ord15
ord55
ord49
ord58
ord45
ord50
ord51
ord27
ord26
ord22
ord44
ord43
ord31

msvcr71

realloc
strlen
strncmp
strstr
_mbsstr
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
malloc
_vscprintf
vsprintf
??_U@YAPAXI@Z
wcsrchr
swprintf
wcscat
memcmp
_except_handler3
_resetstkoflw
iswdigit
_wtoi
sprintf
wcscmp
strpbrk
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_initterm
_adjust_fdiv
__CppXcptFilter
_purecall
free
memset
??_V@YAXPAX@Z
??2@YAPAXI@Z
??3@YAXPAX@Z
memmove
vswprintf
_vscwprintf
wcsstr
_CxxThrowException
wcslen
memcpy
_wcsicmp
wcscpy
__CxxFrameHandler
wcsncmp
strncpy

msvcp71

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b4d7096b8a1ace39dc175e08c62dae5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

atl71

msvcr71

msvcp71

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 12KB - Virtual size: 8KB