DllRegisterServer
UuvecbcYKTyMrJ6
aUnKtRUjVX5m96z
vkBeRArrLQ2ppqw
Static task
static1
1 signatures
General
-
Target
4bf19fba861e8f78ea14a47d90ad0bd5d7e7a1415c57a7d0dde5806226ab1f5e
-
Size
405KB
-
MD5
87a224f41b5cf0cd3760fa0e39a008d1
-
SHA1
09d03301b72e56afbc3833599ecd2be0797b04ab
-
SHA256
4bf19fba861e8f78ea14a47d90ad0bd5d7e7a1415c57a7d0dde5806226ab1f5e
-
SHA512
a33ee61f38ad3e333a4de6133cb494425427c6f43353d0e2a15918bca3c7fc735964c984b2df015789e748d730bf8b0e5b54fac466b7f30cd3b566f56855c4bb
-
SSDEEP
12288:M3hV6Pw4aT23s2oNd9zi3BBoNIQ/hsA7:Yb6Pw4R3s2Qi3fUZh
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4bf19fba861e8f78ea14a47d90ad0bd5d7e7a1415c57a7d0dde5806226ab1f5e
Files
-
4bf19fba861e8f78ea14a47d90ad0bd5d7e7a1415c57a7d0dde5806226ab1f5e.dll regsvr32 windows x64
dbde2cec49d02964ab0aa40b1f723aff
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetCurrentProcess
VirtualAllocExNuma
ExitProcess
WriteConsoleW
CreateFileW
HeapSize
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
HeapFree
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetStdHandle
GetFileType
CloseHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
RtlUnwind
ole32
CoTaskMemAlloc
CoTaskMemFree
CoLoadLibrary
Exports
Exports
Sections
.text Size: 134KB - Virtual size: 133KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 73KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 181KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ