DllRegisterServer
Static task
static1
Behavioral task
behavioral1
Sample
b481ac05ea9a59eedf6233166327057279babef26c913a8e89536472b192e86c.dll
Resource
win7-20221111-en
General
Target
b481ac05ea9a59eedf6233166327057279babef26c913a8e89536472b192e86c
Size
581KB
MD5
71675a9a8abbce8ba524f8f6ef3735ed
SHA1
8e1aaed744a22f0d7240a4ad21a42d9779e05170
SHA256
b481ac05ea9a59eedf6233166327057279babef26c913a8e89536472b192e86c
SHA512
cfda0b5890e0c514f8cb349e8be2987ed3e920e476d7a7398c58e84aaa289b1621cfd4f80fb8fdf1c8cc89a3956885d5bd27aec55d4db255585a4f8cfa93cd1c
SSDEEP
12288:thxWJiJvGs36YX1PpP0Dl026+0anwVKm+4S1w:tCiokBP0Rl6+0awV7S
Malware Config
Signatures
Files
b481ac05ea9a59eedf6233166327057279babef26c913a8e89536472b192e86c.dll regsvr32 windows x64
584ae4efed782e97613a052bcc1e8990
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
HeapSize
HeapQueryInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetACP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
ExitProcess
Sleep
HeapReAlloc
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
RaiseException
HeapFree
HeapAlloc
GetCommandLineA
FlsSetValue
CreateFileA
GetFullPathNameA
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetModuleHandleW
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GlobalAlloc
FormatMessageA
LocalFree
GlobalFree
FreeResource
GetCurrentProcessId
GetModuleFileNameA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
GetVersionExA
GetLastError
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
LoadLibraryA
GetWindowsDirectoryA
FreeLibrary
GetCurrentProcess
LockResource
MultiByteToWideChar
GetFileAttributesA
SizeofResource
WideCharToMultiByte
LoadResource
lstrlenA
FreeEnvironmentStringsW
FindResourceA
user32
DestroyMenu
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
ShowWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
DispatchMessageA
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SystemParametersInfoA
GetWindowPlacement
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetWindow
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
MessageBoxA
GetCursorPos
SetWindowPos
WindowFromPoint
RegisterWindowMessageA
IsWindowEnabled
SetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
CopyImage
CreateIconIndirect
GetIconInfo
DestroyIcon
PostMessageA
GetSysColorBrush
DrawIconEx
CreateIconFromResourceEx
CopyIcon
GetSystemMenu
IsIconic
LoadIconA
DrawIcon
GetDC
ReleaseDC
AppendMenuA
GetSystemMetrics
LoadImageA
ClientToScreen
SetCursor
GetWindowRect
FillRect
SetCapture
GetKeyState
GetFocus
GetParent
CharNextA
GetClientRect
CharPrevA
SendMessageA
DrawEdge
SetRectEmpty
PtInRect
GetCapture
OffsetRect
RedrawWindow
GetSysColor
IsWindow
ReleaseCapture
EnableWindow
LoadCursorA
CopyRect
gdi32
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
TextOutA
PtVisible
GetDeviceCaps
CreatePen
RectVisible
SelectClipRgn
GetBrushOrgEx
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetBkColor
RestoreDC
SaveDC
CreateDIBSection
StretchBlt
GetDIBits
GetCurrentObject
SetDIBColorTable
CreateBitmap
UnrealizeObject
SelectObject
SetDIBits
GetDIBColorTable
CreateRectRgn
GetPixel
GetObjectA
CreateSolidBrush
GetTextExtentPoint32A
BitBlt
SetBrushOrgEx
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
Ellipse
SetPixelV
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA
DragFinish
ShellExecuteA
DragQueryFileA
shlwapi
PathFindExtensionA
PathRemoveFileSpecW
ole32
CoInitializeEx
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
oleaut32
VariantClear
VariantChangeType
VariantInit
ntdll
NtMapViewOfSection
NtCreateSection
Exports
Sections
.text Size: 272KB - Virtual size: 272KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 85KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ