Static task: static1
Behavioral task: behavioral1
Sample: 63297b019069d.dll
Resource: win7-20220812-en
General
Target: 63297b019069d.pdf
Size: 504KB
MD5: d9af455fda42e5338a154d5b6abbce7c
SHA1: 27023986e041140313474bb255f0dc1be03ac277
SHA256: 3d37a039f510721efc2a3b8970ec02bb1805459acf9f898c490f9417972987bf
SHA512: 75ed1c03027051d7838911b65948d5854bfb857598dc5cf739ed19bad49e85237c75b76ab7de17b1f91b43a88b00a91f441b17c8db93aa23ad3c17fbe937621e
SSDEEP: 6144:/EZjSPANWjOuuPdo4JrNOiduRVBVSjcdZ0nPjlv7oppo7490BszloJ5ICZO/+:KdlJOkuRVfa48LljoppoE90Co5dL
Files
63297b019069d.pdf.dll windows x86
f6f50e027a4c4acd49d92eaf66f7a1de
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscms
GetStandardColorSpaceProfileW
gdi32
GetPixelFormat
FillPath
GetStockObject
GetMetaFileA
GetTextColor
GetPolyFillMode
GetTextExtentExPointI
GetTextExtentExPointW
GetCharacterPlacementW
GetFontUnicodeRanges
GdiSetBatchLimit
GetPath
GetDIBColorTable
DeleteColorSpace
secur32
DecryptMessage
FreeContextBuffer
wininet
GetUrlCacheEntryInfoExA
kernel32
GetConsoleTitleA
GetCurrentDirectoryA
EnumSystemLocalesW
EnumSystemGeoID
GetProfileStringW
GetVolumePathNamesForVolumeNameW
DefineDosDeviceA
WriteProfileStringW
EnumTimeFormatsA
GetTapeStatus
DeleteTimerQueueTimer
GetSystemTime
VirtualQueryEx
GetUserDefaultLangID
VirtualFree
GetTapePosition
GetStringTypeW
FindFirstFileW
GlobalLock
FindResourceExA
GetComputerNameW
EnumResourceNamesW
GetTimeFormatA
GetSystemTimeAsFileTime
GetConsoleMode
lstrlenA
GetExitCodeProcess
IsValidCodePage
GetSystemDefaultLangID
GetCurrentThreadId
GetModuleFileNameW
GetBinaryTypeW
ExitThread
lstrcmpiW
VirtualFreeEx
VirtualProtectEx
GetTempPathA
GetSystemPowerStatus
GetFileAttributesExW
ws2_32
shutdown
winspool.drv
DeletePrinter
FindFirstPrinterChangeNotification
msvcrt
memset
_time64
strtol
strtoul
fputws
strcspn
strspn
tolower
strcmp
comdlg32
GetSaveFileNameA
GetSaveFileNameW
user32
DrawIcon
FindWindowW
GetKeyNameTextW
InsertMenuA
FlashWindow
LoadKeyboardLayoutA
LoadIconA
GetUserObjectInformationW
GetWindowInfo
GetClipboardSequenceNumber
ModifyMenuA
GetUpdateRect
GetClassInfoA
GetClassInfoExA
GetWindowRect
GetWindowTextW
GetMenuStringW
GetProcessDefaultLayout
GetPropW
DefMDIChildProcW
DefWindowProcA
LoadMenuW
LoadCursorW
EnumWindowStationsW
GetWindowTextA
oleaut32
GetErrorInfo
version
GetFileVersionInfoSizeA
advapi32
IsValidAcl
GetServiceDisplayNameW
RegOpenKeyA
GetOldestEventLogRecord
GetFileSecurityW
LookupPrivilegeNameW
GetServiceKeyNameA
GetSidIdentifierAuthority
LookupAccountSidW
GetLengthSid
shell32
ExtractAssociatedIconExW
ExtractAssociatedIconA
powrprof
IsPwrHibernateAllowed
urlmon
IsValidURL
Sections
.text Size: 92KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 264KB - Virtual size: 260KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.erloc Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ