c0f3b27ae4f7db457a86a38244225cca35aa0960eb6a685ed350e99a36c32b61[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

c0f3b27ae4f7db457a86a38244225cca35aa0960eb6a685ed350e99a36c32b61.dll
Size

1.2MB
MD5

a6d49b646ed61b91bcfe9c2170b258cd
SHA1

75c7cdddfbf538f51da8b74cbad11c302206750e
SHA256

c0f3b27ae4f7db457a86a38244225cca35aa0960eb6a685ed350e99a36c32b61
SHA512

18be0707af33a9c4e3b9c57e7c6a3a00b0a249acf606ccb7cc0d968a722637e8bfdc4f7d09da208cd9477ef915fd019ff171df8977c55481093c35d0ccf6a2cc
SSDEEP

24576:mDrIuOfGiDT2XNXWrdyv/z7f0LFrodrs4LK:8OfGKSBWxMfsLFVmK

Score

N/A

Malware Config

Signatures

Files

c0f3b27ae4f7db457a86a38244225cca35aa0960eb6a685ed350e99a36c32b61.dll
.dll regsvr32 windows x86

7c9b89444ff48748c211919f9f5ba5de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
_initterm
_amsg_exit
??3@YAXPAX@Z
_vsnwprintf
_wcsicoll
mbstowcs
_wcsicmp
??_U@YAPAXI@Z
memcpy
??2@YAPAXI@Z
realloc
_purecall
free
malloc
memset
??_V@YAXPAX@Z

psapi

GetModuleFileNameExW
GetModuleBaseNameW
EnumProcessModules

kernel32

GetCurrentProcessId
TerminateProcess
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
VirtualFree
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
OpenProcess
CreateMutexW
SetLastError
GlobalAlloc
GetVersionExW
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
MultiByteToWideChar
lstrlenW
lstrcpyW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
CloseHandle
LoadLibraryW
GetProcAddress
GetModuleHandleW
lstrcmpiW
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DisableThreadLibraryCalls
lstrcpynW
GetModuleFileNameW
FreeLibrary
lstrcatW
lstrlenA
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
FlushInstructionCache
GetCurrentProcess
RaiseException
GetCurrentThreadId
GlobalUnlock
GlobalLock
UnhandledExceptionFilter

ole32

CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
OleLoadFromStream
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysAllocString
LoadTypeLi
RegisterTypeLi
SysStringLen
VarUI4FromStr
LoadRegTypeLi
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantChangeType
SafeArrayDestroy
OleCreatePropertyFrame
SysAllocStringLen
VariantInit
VariantCopy
VarBstrCmp
DispCallFunc
SysFreeString

advapi32

CryptGetHashParam
TraceMessage
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
CryptReleaseContext
CryptDestroyHash
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGenRandom

crypt32

CryptBinaryToStringW

user32

GetWindowRect
GetClassNameW
SetRect
PostMessageW
MoveWindow
DestroyIcon
GetWindowThreadProcessId
GetKeyState
InvalidateRect
IsWindow
DestroyAcceleratorTable
GetParent
SetFocus
GetFocus
IsChild
CreateWindowExW
GetWindowLongW
SetWindowLongW
BeginPaint
GetClientRect
EndPaint
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
GetDC
ReleaseDC
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
ShowWindow
CallWindowProcW
DefWindowProcW
UnionRect
PtInRect
CharPrevW
SendMessageTimeoutW
DestroyWindow
CharNextW

gdi32

CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
DeleteMetaFile
CreateMetaFileW
DeleteDC
SetViewportOrgEx
SetMapMode
LPtoDP
CreateRectRgnIndirect
CreateDCW
GetDeviceCaps
SaveDC

ws2_32

closesocket

shell32

SHGetFileInfoW

atl

ord42
ord41

shlwapi

PathFindFileNameW

rdpcore

RDPAPI_CreateInstance

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c9b89444ff48748c211919f9f5ba5de

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

psapi

kernel32

ole32

oleaut32

advapi32

crypt32

user32

gdi32

ws2_32

shell32

atl

shlwapi

rdpcore

Exports

Exports

Sections

.text Size: 144KB - Virtual size: 144KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 144KB - Virtual size: 144KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 11KB - Virtual size: 10KB