matanbuchus | matanbuchus_loader_unpacked[.]dll

Resubmissions

01-07-2022 12:07

220701-paebkaehb3 10

Sharing

Copy URL

Twitter E-mail

General

Target

matanbuchus_loader_unpacked.dll
Size

471KB
MD5

795df1d16417f62c9868b9980a7c7a98
SHA1

655151885663229ea809fecfa8e1ecefb60ff3ad
SHA256

1d54fedc209ca132cb953f7fde263b65c7917e4e7e9fde6c4ef128aa04543a09
SHA512

de3235acb8908363c3606c34cf237aa9394f8914bcd3f885442a4a7e2afb4ab94e742257fb179c972899cdefc064d814b213fa0eb266f1c8a98dc70896b5393f
SSDEEP

12288:BnfYouzOEzzQtfa22hr4TYvY5hAJ1Tw8ROUGWoa:BnQ7zAt+h0TYvY5eNRO7Woa

Score

10^/10

matanbuchus

Malware Config

Signatures

Matanbuchus family
matanbuchus

Files

matanbuchus_loader_unpacked.dll
.dll windows x86

88f6ff83869aa8561e083192e2605bcc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
RaiseException
DeleteCriticalSection
ExitProcess
VirtualAlloc
CreateFileW
DecodePointer
InitializeCriticalSectionEx
OutputDebugStringA
CloseHandle
GetStringTypeW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
InterlockedFlushSList
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
LCMapStringW
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW

gdi32

BitBlt
RectVisible

shell32

DragQueryFileW

ole32

CoUninitialize

wininet

InternetCloseHandle

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Exports

Exports

?HackCheck@@YGXXZ
CPlApplet
DllInstall

Sections

.text
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

88f6ff83869aa8561e083192e2605bcc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

shell32

ole32

wininet

version

Exports

Exports

Sections

.text Size: 373KB - Virtual size: 373KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 2KB - Virtual size: 6KB

.reloc Size: 5KB - Virtual size: 4KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 373KB - Virtual size: 373KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 6KB

.reloc
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 60KB - Virtual size: 60KB