General

Malware Config

Signatures

Files

• 0e9fa391b449719565a188b51105913a

  .dll regsvr32 windows:4 windows x86 arch:x86

  68c66c93477a92b7c1ba46f019c55dc6

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  lstrlenW

  QueryDosDeviceA

  SetWaitableTimer

  SearchPathW

  CloseHandle

  Process32FirstW

  SetConsoleScreenBufferSize

  SetEvent

  PeekConsoleInputA

  RtlZeroMemory

  QueueUserAPC

  FormatMessageA

  ntdll

  RtlInitializeGenericTable

  RtlAnsiStringToUnicodeString

  user32

  DestroyCursor

  LoadMenuIndirectA

  DestroyAcceleratorTable

  LoadAcceleratorsW

  LoadMenuA

  LoadCursorW

  LoadAcceleratorsA

  LoadMenuW

  advapi32

  ChangeServiceConfigA

  gdi32

  ResizePalette

  SetLayout

  PtVisible

  GetRandomRgn

  GetSystemPaletteUse

  SetPixelV

  msvcrt

  _atodbl

  _sys_errlist

  free

  ldexp

  shell32

  SHDoDragDrop

  rasapi32

  RasGetProjectionInfoA

  Exports

  Exports

  DllCanUnloadNow

  DllGetClassObject

  DllRegisterServer

  DllUnregisterServer

  Sections

  .text

  Size: 135KB - Virtual size: 134KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 22KB - Virtual size: 254KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 7KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ