3e3fcbd20c7c3ab29be624b784fcee54589c78d80b97f3ffba776140b392bc19

Sharing

Copy URL

Twitter E-mail

General

Target

3e3fcbd20c7c3ab29be624b784fcee54589c78d80b97f3ffba776140b392bc19
Size

561KB
MD5

5379604500eac848ff6a33c97211cd7b
SHA1

5e3aa59ce244588b4fd2e1ba371c4ff0911adea3
SHA256

3e3fcbd20c7c3ab29be624b784fcee54589c78d80b97f3ffba776140b392bc19
SHA512

c8327321cf305d8079012f5984b9731ea29d7a0274e1cb0faab036c4643ca4172b367a1363b960d5cba4a708fefa947e592d480495c17d6e43016afa55475b70
SSDEEP

12288:GR83TbJ2AYTX+FpUlqkdcpUwfCeUTkw3Ae7vEps:GG3/JVUt+esw3Ae7s

Score

N/A

Malware Config

Signatures

Files

3e3fcbd20c7c3ab29be624b784fcee54589c78d80b97f3ffba776140b392bc19
.dll windows x86

3d800d346b1c95eb65f30c323cd853fc

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
CloseHandle
TlsAlloc
LoadLibraryA
Sleep
WaitForSingleObject
FindClose
GetEnvironmentVariableA
FindNextFileA
DeviceIoControl
TlsSetValue
CreateFileW
DecodePointer
EncodePointer
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
GetStringTypeW
CreateThread
WaitForSingleObjectEx
WriteConsoleW
OutputDebugStringW
OutputDebugStringA
WriteFile
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
GetCommandLineW
GetCommandLineA
GetFileType
GetStdHandle
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
GetACP
GetTimeZoneInformation
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetModuleFileNameA
GetSystemInfo
HeapValidate
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwind
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsGetValue
InitializeCriticalSectionAndSpinCount
RaiseException
InterlockedFlushSList
GetModuleFileNameW
GetLastError
FindFirstFileA
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

advapi32

SystemFunction036
SetSecurityDescriptorDacl
SetEntriesInAclA
CreateServiceW
RegEnumKeyA
RegCloseKey
StartServiceCtrlDispatcherA
QueryServiceStatus
RegDeleteKeyA
RegQueryValueExA
AllocateAndInitializeSid
LookupPrivilegeValueA
SetServiceStatus
OpenServiceA
OpenThreadToken
RegOpenKeyExA
InitializeSecurityDescriptor
FreeSid
OpenProcessToken
RegSetValueExA
ControlService
RegCreateKeyExA
OpenSCManagerA
RegisterServiceCtrlHandlerA

mprapi

MprAdminInterfaceTransportGetInfo
MprConfigServerGetInfo
MprConfigInterfaceGetInfo
MprConfigServerInstall
MprAdminTransportSetInfo
MprAdminIsServiceRunning
MprAdminInterfaceDelete
MprConfigBufferFree
MprAdminInterfaceSetInfo
MprInfoBlockSet
MprAdminMIBEntryGetNext
MprAdminMIBEntryGetFirst
MprAdminInterfaceDeviceGetInfo
MprConfigInterfaceDelete
MprConfigInterfaceGetHandle
MprAdminMIBEntryCreate
MprAdminMIBEntrySet
MprAdminMIBBufferFree
MprConfigServerBackup
MprAdminInterfaceGetCredentialsEx
MprConfigInterfaceTransportSetInfo
MprConfigTransportDelete
MprAdminInterfaceQueryUpdateResult
MprConfigServerRestore
MprConfigGetFriendlyName
MprAdminTransportGetInfo
MprAdminPortEnum
MprAdminUserSetInfo
MprAdminMIBEntryGet
MprAdminPortDisconnect
MprInfoBlockQuerySize
MprInfoDelete
MprInfoCreate
MprAdminUserGetInfo
MprAdminServerGetInfo
MprInfoBlockFind
MprAdminServerGetCredentials
MprAdminServerDisconnect
MprAdminInterfaceDeviceSetInfo
MprConfigInterfaceTransportAdd
MprInfoBlockRemove
MprAdminInterfaceSetCredentials
MprAdminServerSetCredentials
MprConfigInterfaceTransportEnum
MprConfigServerRefresh
MprConfigGetGuidName
MprAdminInterfaceGetInfo
MprAdminSendUserMessage
MprConfigTransportCreate
MprAdminTransportCreate
MprAdminRegisterConnectionNotification
MprAdminGetPDCServer
MprConfigTransportGetInfo
MprAdminPortClearStats
MprConfigTransportEnum
MprAdminInterfaceGetCredentials
MprConfigInterfaceTransportGetInfo
MprAdminInterfaceConnect
MprAdminPortGetInfo
MprAdminPortReset
MprAdminMIBServerConnect
MprConfigInterfaceSetInfo
MprAdminGetErrorString
MprAdminInterfaceTransportAdd
MprConfigInterfaceTransportRemove
MprAdminInterfaceEnum
MprAdminInterfaceDisconnect
MprInfoDuplicate
MprInfoBlockAdd
MprConfigServerConnect
MprAdminDeregisterConnectionNotification
MprAdminInterfaceSetCredentialsEx
MprAdminDeviceEnum
MprConfigTransportSetInfo
MprAdminInterfaceTransportSetInfo
MprConfigTransportGetHandle
MprAdminInterfaceUpdatePhonebookInfo
MprAdminServerConnect
MprConfigInterfaceTransportGetHandle
MprAdminInterfaceGetHandle
MprConfigInterfaceCreate
MprConfigInterfaceEnum
MprAdminInterfaceTransportRemove
MprAdminConnectionGetInfo
MprAdminMIBServerDisconnect
MprConfigServerDisconnect
MprAdminInterfaceCreate
MprAdminInterfaceUpdateRoutes
MprAdminMIBEntryDelete

Sections

.text
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d800d346b1c95eb65f30c323cd853fc

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

mprapi

Sections

.text Size: 302KB - Virtual size: 301KB

.rdata Size: 189KB - Virtual size: 188KB

.data Size: 55KB - Virtual size: 165KB

.gfids Size: 512B - Virtual size: 248B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 302KB - Virtual size: 301KB

.rdata
Size: 189KB - Virtual size: 188KB

.data
Size: 55KB - Virtual size: 165KB

.gfids
Size: 512B - Virtual size: 248B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 10KB