General

Malware Config

Signatures

Files

• 2a27d5511d7d3576e41543570cab5b2e10d3a915320d5224a5986d15b5e8ae00

  .dll windows x86

  322da8607f65867dc4ad1313998cd447

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  Sleep

  GetEnvironmentVariableA

  VirtualProtect

  GetCurrentDirectoryA

  GetTempPathA

  HeapSize

  LCMapStringW

  LCMapStringA

  GetStringTypeW

  MultiByteToWideChar

  GetStringTypeA

  GetLocaleInfoA

  RtlUnwind

  InitializeCriticalSectionAndSpinCount

  LoadLibraryA

  WriteFile

  HeapReAlloc

  VirtualAlloc

  HeapAlloc

  IsValidCodePage

  GetOEMCP

  GetACP

  GetCPInfo

  EnterCriticalSection

  LeaveCriticalSection

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  GetTickCount

  QueryPerformanceCounter

  VirtualFree

  HeapDestroy

  HeapCreate

  GetEnvironmentStringsW

  WideCharToMultiByte

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  FreeEnvironmentStringsA

  GetModuleFileNameA

  DeleteCriticalSection

  GetStartupInfoA

  GetFileType

  GetStdHandle

  SetHandleCount

  ExitProcess

  HeapFree

  InterlockedDecrement

  GetLastError

  SetLastError

  InterlockedIncrement

  TlsFree

  TlsSetValue

  TlsAlloc

  TlsGetValue

  GetProcAddress

  GetModuleHandleW

  IsDebuggerPresent

  SetUnhandledExceptionFilter

  GetCurrentThreadId

  GetCommandLineA

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  mprapi

  MprConfigInterfaceEnum

  MprConfigTransportCreate

  MprConfigBufferFree

  MprConfigTransportGetInfo

  MprAdminInterfaceGetCredentialsEx

  MprConfigServerDisconnect

  MprAdminConnectionGetInfo

  MprConfigInterfaceCreate

  MprConfigInterfaceTransportGetInfo

  MprAdminUserSetInfo

  MprAdminConnectionClearStats

  MprAdminGetErrorString

  MprAdminTransportCreate

  MprAdminInterfaceDeviceGetInfo

  MprAdminInterfaceDeviceSetInfo

  MprConfigServerConnect

  MprAdminUserGetInfo

  MprConfigInterfaceTransportEnum

  MprAdminTransportSetInfo

  MprAdminInterfaceDisconnect

  MprConfigTransportEnum

  MprConfigGetFriendlyName

  MprConfigGetGuidName

  MprConfigServerInstall

  MprConfigInterfaceTransportRemove

  MprAdminDeregisterConnectionNotification

  MprAdminInterfaceConnect

  MprAdminInterfaceGetCredentials

  MprAdminBufferFree

  MprConfigInterfaceGetInfo

  MprConfigTransportSetInfo

  MprConfigInterfaceGetHandle

  MprConfigServerGetInfo

  MprConfigInterfaceDelete

  MprAdminDeviceEnum

  MprConfigInterfaceTransportAdd

  MprAdminGetPDCServer

  MprAdminInterfaceCreate

  MprAdminInterfaceGetHandle

  MprAdminInterfaceDelete

  MprConfigTransportGetHandle

  MprConfigTransportDelete

  MprConfigServerBackup

  MprAdminInterfaceEnum

  MprConfigInterfaceTransportGetHandle

  MprAdminConnectionEnum

  MprAdminTransportGetInfo

  MprConfigServerRefresh

  MprConfigInterfaceTransportSetInfo

  MprConfigInterfaceSetInfo

  MprConfigServerRestore

  msacm32

  acmFilterEnumA

  acmFormatTagDetailsA

  acmFilterTagEnumA

  acmFilterDetailsA

  acmFormatEnumA

  acmDriverRemove

  acmDriverPriority

  acmFormatDetailsA

  acmFormatTagEnumA

  acmFormatSuggest

  acmFormatChooseA

  acmFilterChooseA

  acmFilterTagDetailsA

  Sections

  .text

  Size: 76KB - Virtual size: 75KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 5KB - Virtual size: 82KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1024B - Virtual size: 808B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ