4a9cfd8221644b4405bd77cbde8623e55199e50f315ba1ac9c696e75d04e3ece

Sharing

Copy URL

Twitter E-mail

General

Target

4a9cfd8221644b4405bd77cbde8623e55199e50f315ba1ac9c696e75d04e3ece
Size

1.1MB
MD5

d4c65c56fa4bc016c835310778682dd8
SHA1

dfd390331c9f0de6c9681466c09e46feff88e7bb
SHA256

4a9cfd8221644b4405bd77cbde8623e55199e50f315ba1ac9c696e75d04e3ece
SHA512

bdcacb45eb4b2d25ae6c3630e2c2442c843c4688db3be12850d8ff255f29dafda8292e709a9d180938a5e210cac5248d60a951cfe7265f36f596b846af334e8d
SSDEEP

12288:ziUHJM529xnYlurYK/gabWztgE0n9puyqgsw2kvuPrj3148SBLEvRtyDUt+BteH:VEKYlZKCgE4P2kvgrjF4WtyAs7RbKxo

Score

N/A

Malware Config

Signatures

Files

4a9cfd8221644b4405bd77cbde8623e55199e50f315ba1ac9c696e75d04e3ece
.dll windows x86

45ad4aa8d81a35050d90ef7d88f587cf

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEnvironmentVariableA
GetCommandLineA
GetOEMCP
SetStdHandle
CreateProcessA
GetProcessHeap
VirtualProtectEx
HeapAlloc
GetTempPathA
Sleep
GetEnvironmentVariableA
GetCommandLineW
GetModuleFileNameA
MultiByteToWideChar
GetLastError
WideCharToMultiByte
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleExW
HeapValidate
GetSystemInfo
ExitProcess
GetStdHandle
GetFileType
WriteFile
OutputDebugStringA
OutputDebugStringW
WriteConsoleW
CloseHandle
WaitForSingleObjectEx
CreateThread
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
SetFilePointerEx
GetTimeZoneInformation
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
CreateFileW

ole32

CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CLSIDFromString

advapi32

RegQueryValueExA
RegCreateKeyA
RegCloseKey

imm32

ImmGetCompositionStringA
ImmSetCompositionWindow
ImmReleaseContext
ImmSetCompositionFontA
ImmNotifyIME
ImmGetContext

Sections

.text
Size: 676KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45ad4aa8d81a35050d90ef7d88f587cf

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

advapi32

imm32

Sections

.text Size: 676KB - Virtual size: 676KB

.rdata Size: 224KB - Virtual size: 223KB

.data Size: 60KB - Virtual size: 1.1MB

.rsrc Size: 128KB - Virtual size: 127KB

.reloc Size: 24KB - Virtual size: 24KB

.text
Size: 676KB - Virtual size: 676KB

.rdata
Size: 224KB - Virtual size: 223KB

.data
Size: 60KB - Virtual size: 1.1MB

.rsrc
Size: 128KB - Virtual size: 127KB

.reloc
Size: 24KB - Virtual size: 24KB