Static task: static1
Behavioral task: behavioral1
Sample: raw0rbp9s.dll
Resource: win7-20220414-en
General
Target: raw0rbp9s.rar
Size: 311KB
MD5: af7dde49c27f97cd77b03a8ace70beea
SHA1: daafa2be3a79192b311774db9bc7123a6040825f
SHA256: 163fe3e1545012147aeca9c14a90a0d7f52f624f664d8365052657a76fc481a4
SHA512: 52700a5fc9b93bc65a78d64c3ab50fcc0cdbd3c87a12679eb1fdf912ff1bdfa6a3a5942a4b1e58cecd928154383fc07831bb67ff6e35d753a279210f60c64633
SSDEEP: 6144:yH9O040SSrnmrwc4oU2FmrEaoGAC+Y5H2V3B918juwN:O9O02Srnh0qEJC+Y218jdN
Files
raw0rbp9s.rar.dll windows x86
59b24abed3cd05ead29d8782a370b92c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
LoadLibraryA
GetProcAddress
GetModuleHandleW
QueryPerformanceCounter
GetCommandLineW
ExpandEnvironmentStringsW
CreateEventW
CreateThread
WaitForSingleObject
InterlockedIncrement
MultiByteToWideChar
LoadLibraryW
FormatMessageW
GetTickCount
Sleep
OpenEventW
SetEvent
CloseHandle
GetStdHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatW
LocalAlloc
GetTimeFormatW
LocalFree
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GetFileType
WriteFile
WideCharToMultiByte
WriteConsoleW
GetTimeZoneInformation
FreeLibrary
GetShortPathNameW
CreateProcessA
GlobalUnWire
lstrlenA
MoveFileA
MoveFileWithProgressA
SetCommTimeouts
GetConsoleAliasW
SetConsoleCtrlHandler
GetSystemInfo
GetSystemPowerStatus
GetVolumePathNameW
SetComputerNameA
ReadConsoleOutputCharacterW
GetDriveTypeW
FindFirstVolumeW
DeleteFileW
FindNextVolumeW
FindVolumeClose
GetVolumePathNamesForVolumeNameW
GetFileInformationByHandle
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
lstrcpyW
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetVolumeNameForVolumeMountPointW
ReleaseMutex
OpenMutexW
CreateMutexW
FindFirstFileW
FindNextFileW
FindClose
HeapFree
ReadFile
lstrcatW
IsBadWritePtr
GetProcessHeap
HeapAlloc
lstrcmpiW
lstrlenW
CreateFileA
FileTimeToDosDateTime
GetFileAttributesA
SetLastError
user32
LoadCursorA
LoadStringW
DialogBoxParamW
EndDialog
GetDlgItem
EnableWindow
SendDlgItemMessageW
wsprintfW
CharUpperW
wvsprintfA
IsCharUpperW
UnionRect
RegisterClassW
EnumPropsExW
IsHungAppWindow
RegisterClassA
SetPropA
MessageBoxA
CharLowerA
AdjustWindowRect
LoadMenuIndirectW
GetTopWindow
DdePostAdvise
WaitForInputIdle
SetWindowRgn
GetMenuItemRect
RemoveMenu
RegisterWindowMessageW
IsWindowUnicode
ChangeMenuW
MessageBoxIndirectW
MapVirtualKeyExW
GetUserObjectInformationW
ReleaseDC
GetWindowLongW
SetCaretPos
GetKeyboardLayoutNameA
SetMenu
CopyAcceleratorTableA
GetKBCodePage
SwitchDesktop
gdi32
GetTextCharacterExtra
RealizePalette
InvertRgn
GetStretchBltMode
RoundRect
RemoveFontResourceTracking
GetTextExtentExPointW
EngStretchBlt
GetDeviceCaps
GetTextExtentExPointWPri
GetCharacterPlacementA
GetCharABCWidthsFloatA
SetDCPenColor
SetGraphicsMode
SetWorldTransform
GetOutlineTextMetricsW
XLATEOBJ_piVector
CLIPOBJ_ppoGetPath
SetRectRgn
GetRgnBox
GdiGetDC
GdiConvertAndCheckDC
CopyEnhMetaFileA
GetEnhMetaFileA
EngCreateSemaphore
CreateFontW
GetTextExtentPoint32W
EngComputeGlyphSet
SetTextColor
ModifyWorldTransform
GdiSetLastError
GdiGetLocalDC
GetTextFaceW
CreateFontIndirectExA
SetDIBits
BitBlt
GdiDescribePixelFormat
PolyTextOutW
EngDeleteSemaphore
GdiCleanCacheDC
advapi32
RegOpenKeyA
StartServiceCtrlDispatcherW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegConnectRegistryW
RegOpenKeyW
RegSetValueExW
OpenSCManagerW
OpenServiceW
ControlService
RegCloseKey
CloseServiceHandle
SetServiceStatus
RegisterServiceCtrlHandlerExW
RegQueryValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetSecurityInfo
SetEntriesInAclW
AllocateAndInitializeSid
RegEnumKeyW
CloseEventLog
ReadEventLogW
OpenEventLogW
FreeSid
shell32
CommandLineToArgvW
SHPathPrepareForWriteW
SHAppBarMessage
FindExecutableW
SHGetDiskFreeSpaceA
SHGetFileInfoA
SHIsFileAvailableOffline
SHBrowseForFolderA
SHPathPrepareForWriteA
DragQueryPoint
SHGetDataFromIDListW
ShellExecuteExW
ShellExecuteEx
SHFileOperationW
ShellExecuteExA
ShellExecuteA
DragQueryFileW
SHGetFolderLocation
ExtractIconEx
shlwapi
StrRChrA
StrChrA
StrRChrW
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 225B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata3 Size: 1024B - Virtual size: 984B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.2 Size: 512B - Virtual size: 10B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata2 Size: 512B - Virtual size: 10B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text4 Size: 277KB - Virtual size: 276KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ