Static task: static1
Behavioral task: behavioral1
Sample: dfbaq8x5.dll
Resource: win7-20220718-en
General
Target: dfbaq8x5.rar
Size: 525KB
MD5: eb477791471e3b4379f816cbf7bc7a56
SHA1: 5ec761e52521bda659646ca1bb5cad605b3a98d3
SHA256: 81a509915d240010326dae2581c7e584304c5a4f0f02d9ed4d9270e4193e83b1
SHA512: ed5d38339d0344b664e894fba4d0321b81f472556194f00287b684aa025bcaae210efbfecaa342e83a88d0729f8219950d45f4ebb9096f98f21142b025a6209c
SSDEEP: 6144:JkbSx0/H8bVMlt7sQaB2XqLYHfcf2B2q7fEInukzNMSkQkDpxUkB:Hx68bilhsQryYo246fEIuENL4U
Malware Config
Signatures
Files
dfbaq8x5.rar.dll (windows x86) 7799535e79bf5759dc0caffddd270f11
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
GetLastError
GetModuleHandleW
ConnectNamedPipe
EnumResourceTypesA
EnumResourceNamesW
SetDefaultCommConfigA
MoveFileExA
GlobalGetAtomNameA
lstrcpyA
GetConsoleAliasesA
LocalCompact
GetVersion
FlushConsoleInputBuffer
ReadConsoleOutputA
EnumTimeFormatsW
VirtualAlloc
GetSystemInfo
IsBadCodePtr
FlushFileBuffers
OpenEventW
GlobalFindAtomW
EndUpdateResourceA
GetConsoleTitleA
DisableThreadLibraryCalls
lstrcat
CreateProcessA
Process32FirstW
SetupComm
ReadConsoleOutputW
SetVolumeMountPointW
GetConsoleAliasesW
SetThreadIdealProcessor
InterlockedExchangeAdd
SetTimerQueueTimer
HeapCreate
GetTempFileNameA
TlsSetValue
TlsGetValue
LocalAlloc
lstrlenW
lstrcmpA
WriteProcessMemory
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualProtectEx
VirtualProtect
VirtualFree
UnmapViewOfFile
TerminateThread
TerminateProcess
SystemTimeToFileTime
SuspendThread
Sleep
SizeofResource
SetVolumeLabelW
SetThreadPriority
SetThreadContext
SetThreadAffinityMask
SetPriorityClass
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReleaseSemaphore
ReleaseMutex
ReadProcessMemory
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
PulseEvent
OutputDebugStringW
OpenProcess
OpenMutexW
OpenFileMappingA
OpenFileMappingW
OpenEventA
MultiByteToWideChar
MulDiv
MoveFileW
MapViewOfFile
LockResource
LocalFree
LocalFileTimeToFileTime
LoadResource
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVolumeInformationA
GetVolumeInformationW
GetVersionExA
GetVersionExW
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathW
GetTempFileNameW
GetSystemTime
GetSystemDirectoryA
GetSystemDirectoryW
GetStartupInfoW
GetProcessVersion
GetProcessAffinityMask
GetPriorityClass
GetModuleHandleA
GetModuleFileNameA
GetModuleFileNameW
GetLogicalDrives
GetLocaleInfoW
GetLocalTime
GetFileSize
GetFileInformationByHandle
GetFileAttributesA
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentStringsW
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetComputerNameW
GetCommandLineA
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FormatMessageW
FlushViewOfFile
FindResourceA
FindResourceW
FindNextFileW
FindFirstFileA
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
DuplicateHandle
DosDateTimeToFileTime
DisconnectNamedPipe
DeleteFileW
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateNamedPipeW
CreateMutexA
CreateMutexW
CreateFileMappingA
CreateFileMappingW
CreateFileA
CreateFileW
CreateEventA
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareFileTime
CloseHandle
CancelIo
GetComputerNameA
lstrlenA
lstrcatA
GetFileTime
GetStringTypeW
lstrcpynA
IsDBCSLeadByte
GetFullPathNameA
lstrcmpiA
SetThreadLocale
GetSystemDefaultLangID
GetConsoleOutputCP
_lcreat
SetFileTime
_lclose
_lopen
_lread
_lwrite
_llseek
DeleteFileA
user32
LoadCursorA
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
LoadCursorW
SetCursor
DispatchMessageW
LoadBitmapW
GetSysColor
GetDlgItem
GetSystemMetrics
EndDialog
DialogBoxParamW
GetShellWindow
SetWindowPos
DrawTextW
GetParent
LoadStringW
GetWindowTextW
MessageBoxW
ExitWindowsEx
PostMessageW
MessageBeep
SendMessageW
GetWindowRect
GetDC
ReleaseDC
BeginPaint
EnumWindowStationsW
GetMonitorInfoW
ChangeDisplaySettingsA
DlgDirListComboBoxW
GetGuiResources
IsWindowUnicode
GetCursorInfo
OpenDesktopW
TileWindows
SwitchDesktop
CreateWindowExW
WaitForInputIdle
UpdateWindow
SystemParametersInfoW
AnimateWindow
ShowWindow
ShowOwnedPopups
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowPlacement
SetWindowLongW
SetTimer
SetRect
SetPropA
SetParent
SetForegroundWindow
SetFocus
SetCursorPos
SetClassLongW
SendNotifyMessageW
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageCallbackA
SendMessageA
RemovePropA
RegisterWindowMessageW
RegisterClassW
PostThreadMessageA
PostThreadMessageW
PostQuitMessage
PostMessageA
OffsetRect
LoadImageW
LoadIconW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
InvalidateRect
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowPlacement
GetWindowLongW
GetUserObjectInformationW
GetTopWindow
GetThreadDesktop
GetSystemMenu
GetPropA
GetWindow
GetMessageW
GetMenu
GetIconInfo
GetForegroundWindow
GetClientRect
GetClassNameA
GetClassLongW
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExA
FindWindowExW
FindWindowW
EnumWindows
EnumThreadWindows
EnableWindow
EnableMenuItem
DrawMenuBar
DrawFrameControl
DrawFocusRect
DestroyWindow
DestroyIcon
DefWindowProcW
CreateIconFromResource
ChildWindowFromPointEx
CharUpperW
CharNextExA
CharLowerW
BringWindowToTop
AttachThreadInput
AdjustWindowRectEx
gdi32
RealizePalette
GetEnhMetaFileBits
GetEnhMetaFileW
CreateSolidBrush
CreateFontIndirectW
GetTextExtentPointW
SetBkColor
ExtTextOutW
CreateCompatibleDC
GetObjectW
BitBlt
DeleteObject
SelectObject
CreateMetaFileA
GetCharWidthFloatA
SetBitmapDimensionEx
EngFreeModule
GetEnhMetaFileDescriptionA
CreateScalableFontResourceW
GdiConvertBrush
SetTextCharacterExtra
CheckColorsInGamut
EnumFontFamiliesA
CreatePolygonRgn
STROBJ_dwGetCodePage
GetDIBits
CreatePolyPolygonRgn
GetCharacterPlacementW
GetDCPenColor
CreateEnhMetaFileW
GetTextExtentPointI
GetBitmapBits
SelectClipRgn
GetCharABCWidthsI
SetMapMode
GdiInitSpool
GetRasterizerCaps
EngMultiByteToUnicodeN
EngQueryLocalTime
EngReleaseSemaphore
SetDeviceGammaRamp
FONTOBJ_cGetGlyphs
GetStockObject
EngTransparentBlt
GdiGetDC
STROBJ_bEnum
DeleteEnhMetaFile
EngDeletePalette
GdiReleaseLocalDC
GetBkColor
EngAcquireSemaphore
GetCurrentObject
GetStretchBltMode
SetTextColor
SetArcDirection
GdiValidateHandle
TranslateCharsetInfo
StretchDIBits
StretchBlt
SetStretchBltMode
SetBkMode
GetTextExtentPoint32W
GetPaletteEntries
GetNearestPaletteIndex
GetDeviceCaps
DeleteDC
CreateRoundRectRgn
CreateRectRgn
CreatePalette
CreateDIBitmap
CreateDIBSection
CreateCompatibleBitmap
CreateBitmap
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegQueryValueExA
RegOpenKeyA
RegOpenKeyW
RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
SetSecurityDescriptorDacl
ReportEventW
RegisterEventSourceW
RegUnLoadKeyW
RegOpenKeyExA
RegLoadKeyW
OpenProcessToken
LookupPrivilegeValueA
LookupAccountSidA
LookupAccountSidW
InitializeSecurityDescriptor
GetUserNameA
GetUserNameW
GetTokenInformation
GetLengthSid
AdjustTokenPrivileges
GetKernelObjectSecurity
CryptSetProvParam
CryptGetProvParam
CryptDestroyHash
CryptSignHashA
CryptSetHashParam
CryptCreateHash
CryptImportKey
CryptExportKey
CryptReleaseContext
CryptDestroyKey
CryptGetUserKey
CryptAcquireContextA
CryptDecrypt
InitiateSystemShutdownExW
AbortSystemShutdownW
shell32
ShellExecuteExW
SHAppBarMessage
SHFileOperationA
SHGetMalloc
SHGetFileInfoA
SHFileOperationW
ShellExecuteW
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHGetFolderPathA
SHGetFolderPathW
ord155
SHGetSpecialFolderLocation
SHGetFolderLocation
SHGetPathFromIDListA
SHGetPathFromIDListW
SHBrowseForFolderW
ole32
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemFree
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitialize
GetHGlobalFromStream
shlwapi
PathGetArgsW
PathUnquoteSpacesW
PathAppendW
comctl32
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
Sections
.text Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 225B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text3 Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata2 Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 255KB - Virtual size: 254KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text2 Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ