external[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

external.dll
Size

178KB
MD5

a4aefc6e1b4a9c031819e5f032c980eb
SHA1

203844d11ee7efbc8dd2bef428bc78965a874634
SHA256

2028d2ca018addea78e1c220e07ad0d268f29f1900564060f6311cac66c51ebe
SHA512

8db706da4b577a6d906faac96210fcd02bf0c5604024bdd849e56b9786bd0a44138987fe338f4ef6c9c1fe050f963d17174380d5d0579c1cf2990292dc156a0b
SSDEEP

3072:Dj6PD6duy4KmLpAWWEeKRQlemmJz6cI+Pb7/VU9YEJf:DjSeduVK2DWKRNzEeVUCEJ

Score

N/A

Malware Config

Signatures

Files

external.dll
.dll windows x86

654912105bcf570cc9bf874c13cee01d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

tier0

g_pMemAlloc
Warning
Msg
?ConColorMsg@@YAXABVColor@@PBDZZ

lua_shared

lua_pcall
luaL_loadbuffer

kernel32

SetLastError
CreateFileW
OutputDebugStringW
WriteConsoleW
SetStdHandle
ReadConsoleW
LoadLibraryExW
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
HeapReAlloc
GetModuleFileNameW
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetStringTypeW
GetLastError
HeapFree
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapAlloc
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetEndOfFile
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
GetProcessHeap
ExitProcess
GetModuleHandleExW
AreFileApisANSI
ReadFile
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
HeapSize
CloseHandle
GetModuleFileNameA

shell32

SHGetFolderPathA

Exports

Exports

CreateInterface
cvar

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

654912105bcf570cc9bf874c13cee01d

Headers

DLL Characteristics

File Characteristics

Imports

tier0

lua_shared

kernel32

shell32

Exports

Exports

Sections

.text Size: 123KB - Virtual size: 123KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 7KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 123KB - Virtual size: 123KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 7KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 8KB - Virtual size: 7KB