310ac7c48b536f71a16706f67fd4d2bed5d9f5708dd460cf3cbc0cd34f43a3ed

Sharing

Copy URL

Twitter E-mail

General

Target

310ac7c48b536f71a16706f67fd4d2bed5d9f5708dd460cf3cbc0cd34f43a3ed
Size

372KB
MD5

7e98e8fbf2fec9c9d36896a08a26a97f
SHA1

d3c22e099df48f78765bba4b64e3f006a9e0bcdd
SHA256

310ac7c48b536f71a16706f67fd4d2bed5d9f5708dd460cf3cbc0cd34f43a3ed
SHA512

6d56845449783147539c38f6418bd2387c92c4bb0fba9040c8130db8c6097cf77557a924337541798dd3b3c1ff5aab00864479867cddcd2512e83bdac963decd
SSDEEP

6144:NbP57UDV0iDt00LKwwmFxDa9oNiEZ/LbseQB7G9wRENL:NbsV5t0gkgDa9oNiEZ/LbFQmrL

Score

1^/10

Malware Config

Signatures

Files

310ac7c48b536f71a16706f67fd4d2bed5d9f5708dd460cf3cbc0cd34f43a3ed
.dll regsvr32 windows x86

e735d9365950e14300009b933a49b131

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
GetProcAddress
OpenMutexW
VirtualProtectEx
Sleep
LoadLibraryW
InitializeCriticalSection
EnterCriticalSection
FreeLibrary
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
GetModuleFileNameW
GetModuleHandleExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsDebuggerPresent
IsProcessorFeaturePresent
HeapValidate
GetSystemInfo
GetLastError
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
GetProcessHeap
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
LoadLibraryExW
OutputDebugStringA
WriteConsoleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
HeapAlloc
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
SetStdHandle
CloseHandle
CreateFileW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCreateKeyW
RegCloseKey

Exports

Exports

DllRegisterServer
Havedivide
Mountaintogether
Seatproperty
Towarddifficult

Sections

.text
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e735d9365950e14300009b933a49b131

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 251KB - Virtual size: 250KB

.rdata Size: 102KB - Virtual size: 102KB

.data Size: 7KB - Virtual size: 5.0MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 251KB - Virtual size: 250KB

.rdata
Size: 102KB - Virtual size: 102KB

.data
Size: 7KB - Virtual size: 5.0MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 9KB - Virtual size: 9KB