96f8aeccc2e14519f264a480b348541c5e98c7e44b2d0b8e175da66242e83e19

Sharing

Copy URL Twitter E-mail

General

Target

96f8aeccc2e14519f264a480b348541c5e98c7e44b2d0b8e175da66242e83e19
Size

170KB
MD5

03ca87431ff0772200b9ed16202b554f
SHA1

7290ae94be4bf9a9dd6646ccdafbcb528a013d21
SHA256

96f8aeccc2e14519f264a480b348541c5e98c7e44b2d0b8e175da66242e83e19
SHA512

ffb2b4ab4527a9853fc15c31901b9d9ebf7f88432d61c908f686c6dda207f8f7626d220b5c083ecedeb415ac34c89adabe21a2bb4feb5233dcf3d20059c3b93f
SSDEEP

3072:KGcMgnf2BPyLpHeyhiOEbngElRCKfauEQEMq4P/8+G:OM9aLwQiTzlsKfvTqM

Score

N/A

Malware Config

Signatures

Files

96f8aeccc2e14519f264a480b348541c5e98c7e44b2d0b8e175da66242e83e19
.dll windows x86

f8d8c35973d8661c1a7a739b6b222a60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
wcslen

advapi32

ReportEventW
DeregisterEventSource
RegisterEventSourceW
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
TraceMessage
RegCloseKey
RegSetValueExW
RegCreateKeyExW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegOpenKeyExW
RegQueryValueExW

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

kernel32

CreateThread
GetLastError
SetEvent
CreateTimerQueue
DeleteTimerQueueEx
CreateTimerQueueTimer
DeleteTimerQueueTimer
HeapAlloc
GetProcessHeap
HeapFree
DisableThreadLibraryCalls
CloseHandle
WaitForSingleObject
WaitForMultipleObjects
CreateEventW
VirtualProtect
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSection
InterlockedIncrement
VirtualAlloc
InterlockedDecrement

rpcrt4

UuidCreate

crypt32

CertCloseStore
CertControlStore
CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateContext
CertOpenStore
CertGetCertificateContextProperty
CertFindCertificateInStore
CertVerifyTimeValidity
CertNameToStrW

userenv

LeaveCriticalPolicySection
RegisterGPNotification
EnterCriticalPolicySection
UnregisterGPNotification

winipsec

ord34
ord48
ord38
ord28
ord33
ord47
ord78
ord23
ord39
ord24
ord29
ord57
ord79

Exports

Exports

ServiceMain
UninitializeNapIpsecRp

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8d8c35973d8661c1a7a739b6b222a60

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

ole32

kernel32

rpcrt4

crypt32

userenv

winipsec

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 143KB - Virtual size: 143KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 143KB - Virtual size: 143KB

.reloc
Size: 2KB - Virtual size: 1KB