d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77

Sharing

Copy URL

Twitter E-mail

General

Target

d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77
Size

492KB
MD5

b07b51f2aaec02e2b4200e028a726442
SHA1

fb3d5e9fc43aea2f11748a7ea214b0f95e61a7bd
SHA256

d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77
SHA512

d9295f4550b8a71f2e7cd66e983620e2c4974c27fc60bfa49bda76de31ae74a05a889c8c6f5c2d93a1faeb4c2f0318ff0e778a6291bbc9bbf283e5106f50a51e
SSDEEP

12288:zlJId4XKBKjWgm1dLnROcuDgxrPwTPwf5w3Nw9PAv:z/uMGtnRzx0sK2iv

Score

N/A

Malware Config

Signatures

Files

d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77
.dll windows x86

691e0e5bb01c2ba486b5e69e614042cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetViewportOrgEx
SetWindowOrgEx

pdh

PdhAddCounterW

advapi32

RegCloseKey
CryptContextAddRef
CryptGenKey
CreateRestrictedToken
CryptAcquireContextW

shlwapi

AssocGetPerceivedType

ws2_32

WSACleanup
inet_addr

ole32

CoCreateInstanceEx
CoGetObjectContext
StringFromGUID2

ntdsapi

DsGetDomainControllerInfoW

msvcrt

wcscoll

imm32

ImmGetCandidateListW

setupapi

SetupDiOpenDeviceInterfaceW

winmm

waveOutGetPitch

rpcrt4

NdrGetUserMarshalInfo
RpcMgmtSetCancelTimeout

wininet

InternetReadFile

user32

DefMDIChildProcW
IsWinEventHookInstalled
BlockInput
FillRect
GetWindowContextHelpId
TranslateMessage
GetWindowTextA
GetClassNameA

esent

JetInit

iphlpapi

GetIpAddrTable

kernel32

VirtualAllocEx
InitAtomTable
GetProcessVersion
DeleteTimerQueue
CreateFileW
CloseHandle
GetModuleFileNameW

lz32

LZCopy

Exports

Exports

Mbooserntyerdwq

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 420KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

691e0e5bb01c2ba486b5e69e614042cf

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

pdh

advapi32

shlwapi

ws2_32

ole32

ntdsapi

msvcrt

imm32

setupapi

winmm

rpcrt4

wininet

user32

esent

iphlpapi

kernel32

lz32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 420KB - Virtual size: 418KB

.data Size: 24KB - Virtual size: 30KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 420KB - Virtual size: 418KB

.data
Size: 24KB - Virtual size: 30KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 4KB