0d6aad4b3fe886c7d24286d333094bed9eb2c6d5ee3f7afb7fabbd1538f440e2

Sharing

Copy URL

Twitter E-mail

General

Target

0d6aad4b3fe886c7d24286d333094bed9eb2c6d5ee3f7afb7fabbd1538f440e2
Size

243KB
MD5

7b5549a7d9e638eb713dce14c2ad357b
SHA1

171c328013f121ea18c68436c5450b89c50e8794
SHA256

0d6aad4b3fe886c7d24286d333094bed9eb2c6d5ee3f7afb7fabbd1538f440e2
SHA512

b62f454bc52de5975b9327889cf52f2a7103936bd3437156ab85e31119ed42b8ea19bc78cefa07ded3a6b9c87407c6bf43bff25275b25bb5073bb07b079a0616
SSDEEP

6144:G4iRkKcIMB8G1EtRKEe819YsScGhoRlkVN:vqkZbBw0EeonSZoRl4N

Score

N/A

Malware Config

Signatures

Files

0d6aad4b3fe886c7d24286d333094bed9eb2c6d5ee3f7afb7fabbd1538f440e2
.dll windows x86

63da619dfaf16ebe53c67f3cf84ba712

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegOpenKeyExA
OpenServiceW
InitializeSecurityDescriptor
InitializeSecurityDescriptor
LookupAccountNameW
IsValidSecurityDescriptor
FreeSid
SetSecurityDescriptorDacl
LookupAccountSidW
RegQueryValueExW
GetLengthSid
RegDeleteValueW
RegCreateKeyExW
StartServiceW
RegQueryValueExA
GetSecurityDescriptorGroup
RegEnumKeyExW
CloseServiceHandle
GetSecurityDescriptorLength
GetSecurityDescriptorDacl
RegEnumValueW
RegCloseKey
RegDeleteKeyW
MakeSelfRelativeSD
GetAce
GetSecurityDescriptorOwner
InitializeAcl
GetAclInformation
EqualSid
SetSecurityDescriptorGroup
RegOpenKeyExW
SetSecurityDescriptorOwner
AddAccessAllowedAce
OpenSCManagerW
QueryServiceStatus

comctl32

InitCommonControlsEx
DestroyPropertySheetPage
CreatePropertySheetPageW

gdi32

CreateBitmapIndirect
GetTextExtentPoint32W
CreateCompatibleDC
GetObjectW

imm32

ImmAssociateContext

kernel32

LockResource
LoadResource
InterlockedDecrement
IsBadWritePtr
GetWindowsDirectoryW
VirtualProtect
GetLastError
GetModuleFileNameW
FindResourceExW
QueryPerformanceCounter
MultiByteToWideChar
lstrcmpiW
DeleteCriticalSection
SetLastError
lstrlenW
lstrcatW
GetTickCount
lstrcpynW
GetUserDefaultUILanguage
GetComputerNameW
LeaveCriticalSection
GetCurrentProcessId
InitializeCriticalSection
InterlockedIncrement
HeapDestroy
LocalAlloc
GetProcAddress
GlobalAlloc
LoadLibraryW
FormatMessageW
GetDriveTypeW
Sleep
GetFileAttributesW
GlobalUnlock
GetModuleHandleW
WideCharToMultiByte
EnterCriticalSection
FreeLibrary
GetUserDefaultLCID
GetSystemDefaultUILanguage
LoadLibraryA
LocalFree
GetShortPathNameW
GetCurrentThreadId
GlobalLock
lstrcpyW
GlobalFree
GetSystemTimeAsFileTime
IsBadReadPtr

mpr

WNetGetConnectionW

msvcrt

_wcsdup
_initterm
_wtol
_mbschr
malloc
wcscpy
wcslen
__RTDynamicCast
iswdigit
_wcsnicmp
iswalpha
?terminate@@YAXXZ
wcstok
strchr
_wcsicmp
wcschr
_onexit
_purecall
free
wcscmp
wcscat
__dllonexit
_wtoi
__CxxFrameHandler
wcsncpy
iswascii
swscanf
memmove
wcsrchr

netapi32

NetApiBufferFree
NetServerGetInfo

ole32

CoTaskMemFree
CoGetClassObject
CreateStreamOnHGlobal
StringFromGUID2
CoInitialize
CoTaskMemAlloc
ReleaseStgMedium
CLSIDFromProgID
CoCreateInstanceEx
StringFromCLSID
CoUninitialize
CoCreateInstance

secur32

FreeContextBuffer
EnumerateSecurityPackagesW

shell32

SHGetMalloc
ShellExecuteW
SHGetFileInfoW
SHBrowseForFolderW
ExtractIconExW
SHGetPathFromIDListW

user32

wsprintfW
LoadStringW
IsWindowVisible
GetWindow
GetTabbedTextExtentW
CharNextW
GetDC
GetWindowRect
GetClientRect
PostMessageW
CharUpperW
DrawIconEx
RedrawWindow
SendMessageW
GetParent
LoadBitmapW
GetFocus
GetWindowTextLengthW
GetWindowInfo
ShowWindow
UnhookWindowsHookEx
RegisterClipboardFormatW
InvalidateRect
FillRect
GetDesktopWindow
IsWindowEnabled
EnableWindow
CallNextHookEx
ReleaseDC
GetWindowTextW
GetIconInfo
SetWindowsHookExW
LoadIconW
GetSysColor

Exports

Exports

MvrmcLpK
lebCrWOF
YINiLnV
qpkcnKLKh
EWeo
tAKlxV
QEWCoKK
oPnrNbD
sfQksPAuy
mpicpDwuE
wbLEK
wTDClRQae
umJiQLUvC
wFAv
ekIlfW
OSMLlYUFA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63da619dfaf16ebe53c67f3cf84ba712

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

gdi32

imm32

kernel32

mpr

msvcrt

netapi32

ole32

secur32

shell32

user32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 173KB - Virtual size: 172KB

.data Size: 46KB - Virtual size: 45KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 173KB - Virtual size: 172KB

.data
Size: 46KB - Virtual size: 45KB

.reloc
Size: 2KB - Virtual size: 2KB