096dda9c010522a17fbdbfda2caa8b3a3d88aecafd0287df082f2ca30fcc0e8a

Sharing

Copy URL

Twitter E-mail

General

Target

096dda9c010522a17fbdbfda2caa8b3a3d88aecafd0287df082f2ca30fcc0e8a
Size

561KB
MD5

e4e774e20da79849080fdf2496d99b74
SHA1

82dd2256410720084bdddd8b53c910149861f644
SHA256

096dda9c010522a17fbdbfda2caa8b3a3d88aecafd0287df082f2ca30fcc0e8a
SHA512

3697288d7ecddca6629e53fb88af0e8f147bd67b7385de588da3ecbf0b1cbc7cecabb2e1614c36a042d6b123551e2cd15646dfdca257aabebcb8788c768459c3
SSDEEP

12288:GR83TbH2AYTX+FpUlqkdcpUwfCeUTkw3Ae7vEps:GG3/HVUt+esw3Ae7s

Score

N/A

Malware Config

Signatures

Files

096dda9c010522a17fbdbfda2caa8b3a3d88aecafd0287df082f2ca30fcc0e8a
.dll windows x86

3d800d346b1c95eb65f30c323cd853fc

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
CloseHandle
TlsAlloc
LoadLibraryA
Sleep
WaitForSingleObject
FindClose
GetEnvironmentVariableA
FindNextFileA
DeviceIoControl
TlsSetValue
CreateFileW
DecodePointer
EncodePointer
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
GetStringTypeW
CreateThread
WaitForSingleObjectEx
WriteConsoleW
OutputDebugStringW
OutputDebugStringA
WriteFile
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
GetCommandLineW
GetCommandLineA
GetFileType
GetStdHandle
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
GetACP
GetTimeZoneInformation
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetModuleFileNameA
GetSystemInfo
HeapValidate
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwind
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsGetValue
InitializeCriticalSectionAndSpinCount
RaiseException
InterlockedFlushSList
GetModuleFileNameW
GetLastError
FindFirstFileA
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

advapi32

SystemFunction036
SetSecurityDescriptorDacl
SetEntriesInAclA
CreateServiceW
RegEnumKeyA
RegCloseKey
StartServiceCtrlDispatcherA
QueryServiceStatus
RegDeleteKeyA
RegQueryValueExA
AllocateAndInitializeSid
LookupPrivilegeValueA
SetServiceStatus
OpenServiceA
OpenThreadToken
RegOpenKeyExA
InitializeSecurityDescriptor
FreeSid
OpenProcessToken
RegSetValueExA
ControlService
RegCreateKeyExA
OpenSCManagerA
RegisterServiceCtrlHandlerA

mprapi

MprAdminInterfaceTransportGetInfo
MprConfigServerGetInfo
MprConfigInterfaceGetInfo
MprConfigServerInstall
MprAdminTransportSetInfo
MprAdminIsServiceRunning
MprAdminInterfaceDelete
MprConfigBufferFree
MprAdminInterfaceSetInfo
MprInfoBlockSet
MprAdminMIBEntryGetNext
MprAdminMIBEntryGetFirst
MprAdminInterfaceDeviceGetInfo
MprConfigInterfaceDelete
MprConfigInterfaceGetHandle
MprAdminMIBEntryCreate
MprAdminMIBEntrySet
MprAdminMIBBufferFree
MprConfigServerBackup
MprAdminInterfaceGetCredentialsEx
MprConfigInterfaceTransportSetInfo
MprConfigTransportDelete
MprAdminInterfaceQueryUpdateResult
MprConfigServerRestore
MprConfigGetFriendlyName
MprAdminTransportGetInfo
MprAdminPortEnum
MprAdminUserSetInfo
MprAdminMIBEntryGet
MprAdminPortDisconnect
MprInfoBlockQuerySize
MprInfoDelete
MprInfoCreate
MprAdminUserGetInfo
MprAdminServerGetInfo
MprInfoBlockFind
MprAdminServerGetCredentials
MprAdminServerDisconnect
MprAdminInterfaceDeviceSetInfo
MprConfigInterfaceTransportAdd
MprInfoBlockRemove
MprAdminInterfaceSetCredentials
MprAdminServerSetCredentials
MprConfigInterfaceTransportEnum
MprConfigServerRefresh
MprConfigGetGuidName
MprAdminInterfaceGetInfo
MprAdminSendUserMessage
MprConfigTransportCreate
MprAdminTransportCreate
MprAdminRegisterConnectionNotification
MprAdminGetPDCServer
MprConfigTransportGetInfo
MprAdminPortClearStats
MprConfigTransportEnum
MprAdminInterfaceGetCredentials
MprConfigInterfaceTransportGetInfo
MprAdminInterfaceConnect
MprAdminPortGetInfo
MprAdminPortReset
MprAdminMIBServerConnect
MprConfigInterfaceSetInfo
MprAdminGetErrorString
MprAdminInterfaceTransportAdd
MprConfigInterfaceTransportRemove
MprAdminInterfaceEnum
MprAdminInterfaceDisconnect
MprInfoDuplicate
MprInfoBlockAdd
MprConfigServerConnect
MprAdminDeregisterConnectionNotification
MprAdminInterfaceSetCredentialsEx
MprAdminDeviceEnum
MprConfigTransportSetInfo
MprAdminInterfaceTransportSetInfo
MprConfigTransportGetHandle
MprAdminInterfaceUpdatePhonebookInfo
MprAdminServerConnect
MprConfigInterfaceTransportGetHandle
MprAdminInterfaceGetHandle
MprConfigInterfaceCreate
MprConfigInterfaceEnum
MprAdminInterfaceTransportRemove
MprAdminConnectionGetInfo
MprAdminMIBServerDisconnect
MprConfigServerDisconnect
MprAdminInterfaceCreate
MprAdminInterfaceUpdateRoutes
MprAdminMIBEntryDelete

Sections

.text
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d800d346b1c95eb65f30c323cd853fc

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

mprapi

Sections

.text Size: 302KB - Virtual size: 301KB

.rdata Size: 189KB - Virtual size: 188KB

.data Size: 55KB - Virtual size: 165KB

.gfids Size: 512B - Virtual size: 248B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 302KB - Virtual size: 301KB

.rdata
Size: 189KB - Virtual size: 188KB

.data
Size: 55KB - Virtual size: 165KB

.gfids
Size: 512B - Virtual size: 248B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 10KB