049c5f625953b02a7aba1c904a14851cdd998ea21ee1e604016f8ba37c952ed1

General

Target

049c5f625953b02a7aba1c904a14851cdd998ea21ee1e604016f8ba37c952ed1
Size

245KB
MD5

6a75b82edf296a8ae16fe701e1498322
SHA1

87fc5a506b0e60ed1b1fde86e3a08b7d7ab1e23d
SHA256

049c5f625953b02a7aba1c904a14851cdd998ea21ee1e604016f8ba37c952ed1
SHA512

269f714764a7ef03998348ad9e92f20aadac3a10bd3c1c7808baa9962679d960c230b7c5aa0668cbb4b3fab987becd353d30d4982c38ce7d0f8ff261e64caea1
SSDEEP

6144:GxaBj+KeQjPC4PlKXJDyLEKz2G5+C5xStVY/m1zU:Gx5L2lSDsEKSQNxCVY/

Score

N/A

Malware Config

Signatures

Files

049c5f625953b02a7aba1c904a14851cdd998ea21ee1e604016f8ba37c952ed1
.dll windows x86

469ae20b4bb452ad452b466c53d38c9f

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenProcessToken
RegisterServiceCtrlHandlerExW
RegConnectRegistryW
BuildExplicitAccessWithNameW
RegOpenKeyExW
RegCloseKey
StartServiceCtrlDispatcherW
SetEntriesInAclW
SetServiceStatus
CreateProcessAsUserW
RegQueryValueExW
GetUserNameW
SetSecurityInfo
SetTokenInformation
DuplicateTokenEx
GetSecurityInfo
GetSecurityDescriptorDacl

kernel32

VirtualProtectEx
FindClose
GetModuleHandleW
GetStartupInfoW
GetModuleHandleA
GetTickCount
CreateProcessW
GetCurrentProcessId
GetCurrentThreadId
GetProcAddress
FindFirstFileW
lstrlenW
GetCurrentProcess
WaitForSingleObject
GetModuleFileNameW
GetExitCodeProcess
lstrcpynW
GetVersionExW
FreeLibrary
MultiByteToWideChar
IsDebuggerPresent
QueryPerformanceCounter
LocalFree
OpenProcess
LoadLibraryW
IsProcessorFeaturePresent
LoadLibraryA
lstrcpyW
CreateEventW
GetLastError
SetEvent
CloseHandle

Exports

Exports

WeqeUjPTu
JtAemCldXo
HXJAuc
GxsMget
eoeBRT
AmFsbl
CGQTCCXvmn
XnBcmXYn
uSiXI
XxnGXvtj
vLQA
NymEfWj
vGdmKbVohcS
WjoAfvBasbx
vDPXRyxi
kAJgjVUCU
ltQeHNFUPrm

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 211KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

469ae20b4bb452ad452b466c53d38c9f

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 211KB - Virtual size: 232KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 211KB - Virtual size: 232KB

.reloc
Size: 3KB - Virtual size: 3KB