General

Malware Config

Signatures

Files

• f01423868e8cfd624a899be442880d06bc0d30dff43b8a104276ea5400fe75fd

  .dll windows x86

  3bfe73aafc669d5db51210e1700fd28e

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VerSetConditionMask

  GetSystemDirectoryA

  LoadLibraryA

  GetModuleHandleA

  CloseHandle

  WaitForSingleObject

  FormatMessageA

  ReadFile

  PeekNamedPipe

  WaitForMultipleObjects

  GetFileType

  GetStdHandle

  ExpandEnvironmentStringsA

  VerifyVersionInfoA

  SleepEx

  GetTickCount

  GetLastError

  SetLastError

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSection

  DeleteCriticalSection

  FreeLibrary

  GetProcAddress

  GetProcessHeap

  SetEndOfFile

  GetDriveTypeW

  SetEnvironmentVariableA

  CompareStringW

  Sleep

  GetStringTypeW

  WriteConsoleW

  HeapSize

  GetCurrentDirectoryW

  CreateFileA

  GetFullPathNameA

  SetStdHandle

  FlushFileBuffers

  LCMapStringW

  MultiByteToWideChar

  IsValidCodePage

  GetOEMCP

  GetACP

  GetCPInfo

  QueryPerformanceCounter

  HeapDestroy

  HeapCreate

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetModuleFileNameA

  GetStartupInfoW

  SetHandleCount

  GetModuleFileNameW

  InterlockedDecrement

  InterlockedIncrement

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  LoadLibraryW

  CreateFileW

  GetTimeZoneInformation

  WinExec

  GetModuleHandleW

  ExitProcess

  DecodePointer

  ExitThread

  ResumeThread

  CreateThread

  GetCurrentThreadId

  GetCommandLineA

  HeapReAlloc

  HeapFree

  HeapAlloc

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  GetFileInformationByHandle

  SetFilePointer

  FindClose

  GetDriveTypeA

  FindFirstFileExA

  RaiseException

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  IsProcessorFeaturePresent

  EncodePointer

  WriteFile

  WideCharToMultiByte

  GetConsoleCP

  GetConsoleMode

  InitializeCriticalSectionAndSpinCount

  RtlUnwind

  advapi32

  CryptGetHashParam

  CryptGenRandom

  CryptImportKey

  CryptEncrypt

  CryptDestroyKey

  CryptReleaseContext

  CryptDestroyHash

  CryptHashData

  CryptCreateHash

  CryptAcquireContextA

  ws2_32

  ntohl

  htonl

  gethostname

  ioctlsocket

  listen

  accept

  sendto

  getaddrinfo

  freeaddrinfo

  connect

  socket

  closesocket

  getpeername

  getsockopt

  htons

  bind

  ntohs

  getsockname

  setsockopt

  WSAIoctl

  send

  recv

  select

  WSAGetLastError

  __WSAFDIsSet

  WSASetLastError

  WSAStartup

  WSACleanup

  recvfrom

  wldap32

  ord22

  ord211

  ord143

  ord60

  ord50

  ord26

  ord30

  ord200

  ord32

  ord35

  ord79

  ord33

  ord301

  ord27

  ord41

  ord46

  crypt32

  CertFreeCertificateContext

  Exports

  Exports

  curl_easy_cleanup

  curl_easy_duphandle

  curl_easy_escape

  curl_easy_getinfo

  curl_easy_init

  curl_easy_pause

  curl_easy_perform

  curl_easy_recv

  curl_easy_reset

  curl_easy_send

  curl_easy_setopt

  curl_easy_strerror

  curl_easy_unescape

  curl_easy_upkeep

  curl_escape

  curl_formadd

  curl_formfree

  curl_formget

  curl_free

  curl_getdate

  curl_getenv

  curl_global_cleanup

  curl_global_init

  curl_global_init_mem

  curl_global_sslset

  curl_maprintf

  curl_mfprintf

  curl_mime_addpart

  curl_mime_data

  curl_mime_data_cb

  curl_mime_encoder

  curl_mime_filedata

  curl_mime_filename

  curl_mime_free

  curl_mime_headers

  curl_mime_init

  curl_mime_name

  curl_mime_subparts

  curl_mime_type

  curl_mprintf

  curl_msnprintf

  curl_msprintf

  curl_multi_add_handle

  curl_multi_assign

  curl_multi_cleanup

  curl_multi_fdset

  curl_multi_info_read

  curl_multi_init

  curl_multi_perform

  curl_multi_remove_handle

  curl_multi_setopt

  curl_multi_socket

  curl_multi_socket_action

  curl_multi_socket_all

  curl_multi_strerror

  curl_multi_timeout

  curl_multi_wait

  curl_mvaprintf

  curl_mvfprintf

  curl_mvprintf

  curl_mvsnprintf

  curl_mvsprintf

  curl_pushheader_byname

  curl_pushheader_bynum

  curl_share_cleanup

  curl_share_init

  curl_share_setopt

  curl_share_strerror

  curl_slist_append

  curl_slist_free_all

  curl_strequal

  curl_strnequal

  curl_unescape

  curl_url

  curl_url_cleanup

  curl_url_dup

  curl_url_get

  curl_url_set

  curl_version

  curl_version_info

  Sections

  .text

  Size: 307KB - Virtual size: 306KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 62KB - Virtual size: 61KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 5KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 48KB - Virtual size: 48KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 17KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ