77dd0d459a930c4e2692f935d775f9aa6560e26b19715ee61c20ce6bdbcc8200

Sharing

Copy URL

Twitter E-mail

General

Target

77dd0d459a930c4e2692f935d775f9aa6560e26b19715ee61c20ce6bdbcc8200
Size

324KB
MD5

e43a89f63cca4ca94f565cdb04d7074b
SHA1

0d7dc6e290158fa8fd2f1ef6b88cd9e7404949f0
SHA256

77dd0d459a930c4e2692f935d775f9aa6560e26b19715ee61c20ce6bdbcc8200
SHA512

caab98ebee86c0261a78ed7907995d6e1206d7dc944d7281d0f8c28d55bb08e487c71516b24a0f301aac94e6a34a1da7c3221112192fb7463602b25043badb9d
SSDEEP

6144:sLM8vszfCtF8cO+AL8H4rw4ZWILJ9U4e2UP+TynNGbfV5:sGTCtF8wH4sK9e5a

Score

N/A

Malware Config

Signatures

Files

77dd0d459a930c4e2692f935d775f9aa6560e26b19715ee61c20ce6bdbcc8200
.dll windows x86

1a0686647a5281317de837c58a58010c

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegConnectRegistryW

kernel32

GetComputerNameExW
GetCurrentProcessId
GetStdHandle
lstrlenW
FreeLibrary
FileTimeToSystemTime
LoadLibraryW
VerSetConditionMask
WriteConsoleW
VirtualProtectEx
GetTickCount
LocalFree
TerminateProcess
GetCurrentThreadId
GetCommandLineA
lstrcmpiW
ReadFile
SetConsoleMode
lstrcatW
lstrcpynW
SetLastError
GetProcAddress
GetTimeFormatW
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetPrivateProfileStringW
GetSystemTimeAsFileTime
VerifyVersionInfoW
GetConsoleMode
lstrcpyW
WideCharToMultiByte
MultiByteToWideChar
GetPrivateProfileSectionW
FormatMessageW
WritePrivateProfileStringW
lstrcmpW
QueryPerformanceCounter
GetModuleHandleA
WritePrivateProfileSectionW
GetLastError
ReadConsoleW

mpr

WNetGetLastErrorW
WNetCancelConnection2W
WNetAddConnection2W

msvcrt

_ltow
_wchmod
__winitenv
wcschr
fprintf
wcsstr
_itow
strtok
_c_exit
_XcptFilter
wcsncmp
_initterm
wcstol
calloc
fclose
free
swprintf
exit
wcslen
__setusermatherr
malloc
_wfopen
__wgetmainargs
wcsncat
__set_app_type
_iob
wcstod
_cexit
wcscpy
realloc
wcstok
fflush
_wcsnicmp
_controlfp
_exit
wcscmp

netapi32

NetApiBufferFree
NetServerGetInfo

secur32

GetUserNameExW

shlwapi

StrCmpNW

user32

wsprintfW
LoadStringW
CharUpperW
CharLowerW

Exports

Exports

uLBLvOHJP
DDbiFy
oofuUiNW
pagd
FeVyADAha
xTNHnXQ

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a0686647a5281317de837c58a58010c

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

mpr

msvcrt

netapi32

secur32

shlwapi

user32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 233KB - Virtual size: 233KB

.data Size: 28KB - Virtual size: 27KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 233KB - Virtual size: 233KB

.data
Size: 28KB - Virtual size: 27KB

.reloc
Size: 7KB - Virtual size: 7KB