unregmp2[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

unregmp2.exe
Size

209KB
MD5

51629aaaf753c6411d0b7d37620b7a83
SHA1

d9e3f08bd0b1c7282342cea0e9d0b52cf7c54764
SHA256

cc883043adccfa1dd61b3da09d89940f3b97a6e74a09aa32d0d339b0553cd728
SHA512

bdfae0e02f0e18171738ecb705770463e4696884ac279de79f681a5a525c2bd58014dc8b0546a128c7aed92aeaed4219bf25009dd998f262c2ed30d965514cb3
SSDEEP

3072:9P6OfAg0IenWsWSwcCRCoE1mJ1C6U2z3maPfb9s:9gWsYRiO1CKzP3b

Score

1^/10

Malware Config

Signatures

Files

unregmp2.exe
.exe windows x86

567debb2a156b506ed421c435f1b2e33

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegEnumValueW
OpenServiceW
RegDeleteValueW
ChangeServiceConfigW
QueryServiceConfigW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
ControlService
RegCreateKeyExW
RegDeleteKeyW
OpenSCManagerW
CloseServiceHandle
QueryServiceStatus
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegQueryInfoKeyW

kernel32

CloseHandle
RaiseException
HeapSetInformation
LoadResource
FindResourceW
GetSystemWindowsDirectoryW
GetTickCount
RegisterApplicationRestart
FindFirstFileExW
FindNextFileW
GetShortPathNameW
RemoveDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
lstrcmpW
ExpandEnvironmentStringsW
GetCurrentProcess
GetUserDefaultLCID
UnhandledExceptionFilter
GetFileSize
GetLocalTime
GetWindowsDirectoryA
CreateFileA
GetTempPathA
SetFilePointer
GetProfileStringW
GetPrivateProfileStringW
WritePrivateProfileStringW
WriteProfileStringW
GetFileTime
FreeLibrary
GetProcAddress
GetWindowsDirectoryW
LoadLibraryW
FileTimeToSystemTime
GetTimeZoneInformation
GetSystemDefaultLangID
GetVersionExW
GetStartupInfoW
Sleep
GetLastError
SetFileAttributesW
LCIDToLocaleName
GetSystemDirectoryW
GetModuleFileNameW
GetFileAttributesW
CreateFileW
FindClose
CreateHardLinkW
WriteFile
SetLastError
FindFirstFileW
SizeofResource
CreateDirectoryW
DeleteFileW
SetUnhandledExceptionFilter
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess

user32

LoadStringW

msvcrt

__dllonexit
_unlock
_lock
_except_handler4_common
_controlfp
?terminate@@YAXXZ
_acmdln
_onexit
__setusermatherr
_ismbblead
__p__fmode
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
__p__commode
_XcptFilter
_callnewh
malloc
free
wcsrchr
_wcsnicmp
wcsstr
wcschr
_wcslwr
_wcsicmp
mbstowcs
_vsnwprintf
memcpy
_initterm
swscanf
_wtoi
_vsnprintf
_itow
_wtol
iswalpha
iswalnum
memset

ole32

PropVariantClear
CoCreateGuid
StringFromGUID2
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SysFreeString

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shell32

SHCreateItemFromParsingName
SHSetLocalizedName
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetFolderPathW
ShellExecuteW
SHGetMalloc
SHChangeNotify
SHGetPathFromIDListW

shlwapi

PathAddBackslashW
PathUnExpandEnvStringsW
PathRemoveBlanksW
PathRemoveFileSpecW
PathAppendW
PathIsDirectoryW
PathAddBackslashA

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

567debb2a156b506ed421c435f1b2e33

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

ole32

oleaut32

version

shell32

shlwapi

Sections

.text Size: 182KB - Virtual size: 182KB

.data Size: 5KB - Virtual size: 9KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 182KB - Virtual size: 182KB

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 12KB