0875f28f35275cbf5c9c1412020ac3a00561cde2ad29beeac97e2798024232b1

Sharing

Copy URL

Twitter E-mail

General

Target

0875f28f35275cbf5c9c1412020ac3a00561cde2ad29beeac97e2798024232b1
Size

849KB
MD5

dcbe9456c7b71bd1b6a3b4998dc3bf87
SHA1

a8d6761db071eedded69602a9a8326d863c44731
SHA256

0875f28f35275cbf5c9c1412020ac3a00561cde2ad29beeac97e2798024232b1
SHA512

8cf990ca3fb8f0ae8d245ac045b0647838053407715a51f80ba3679275652a5482351ed09c122fde86901d0aebe4e3588f30cc63c814f784376c1ee6e167921c
SSDEEP

24576:cP/lh7rH/i9rz+hwKzyUj/JGzwMgtx1EWsrbw4iaZ4gRrbk:cP9h7e9rz+t/JGz5g3uWsrbw4iaqgRr

Score

N/A

Malware Config

Signatures

Files

0875f28f35275cbf5c9c1412020ac3a00561cde2ad29beeac97e2798024232b1
.dll windows x86

8c0d0671247235019d5724ca3b739bf7

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
GetVersion
VirtualProtectEx
GetProcessHeap
Sleep
GetLocalTime
OpenMutexW
CreateEventW
LoadLibraryW
GetEnvironmentVariableW
CreateFileW
WaitForSingleObjectEx
OutputDebugStringW
OutputDebugStringA
CloseHandle
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
HeapSize
SetStdHandle
SetEnvironmentVariableW
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
MultiByteToWideChar
GetStringTypeW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetLastError
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetModuleFileNameW
GetCurrentThread
HeapFree
HeapAlloc
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
GetStdHandle
GetFileType
SetConsoleCtrlHandler
GetTimeZoneInformation
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
CreateThread

ole32

OleUninitialize
OleInitialize

mprapi

MprAdminMIBEntryGetNext
MprConfigInterfaceTransportGetInfo
MprConfigServerBackup
MprConfigInterfaceTransportGetHandle
MprAdminMIBEntrySet
MprConfigInterfaceTransportSetInfo
MprConfigInterfaceTransportRemove
MprConfigInterfaceTransportEnum

Exports

Exports

Dropleave
GlassExercise
Mehope
Top

Sections

.text
Size: 507KB - Virtual size: 507KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 649KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c0d0671247235019d5724ca3b739bf7

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

mprapi

Exports

Exports

Sections

.text Size: 507KB - Virtual size: 507KB

.rdata Size: 284KB - Virtual size: 284KB

.data Size: 6KB - Virtual size: 649KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 18KB - Virtual size: 18KB

.text
Size: 507KB - Virtual size: 507KB

.rdata
Size: 284KB - Virtual size: 284KB

.data
Size: 6KB - Virtual size: 649KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 18KB - Virtual size: 18KB