15f20000[.]dll[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

15f20000.dll.exe
Size

465KB
MD5

d02d1cd6f5610d837ef58906034971bd
SHA1

2ed158a5c56875fa84e960851d7f49434f0e74b6
SHA256

0fb63a8cc57f1f074b7d8d730e6eaa2b0c8f9a131af559eef4e32e0e8a812dc6
SHA512

0e5db30b07b0b539ed181b6d764fcada547330fcda8cdba288d9a2bb555499fe4ff93773424011d26a594f1622e58e5d700f84c67eb14f53a6f672b09b78154f
SSDEEP

12288:mLs5pGwFbmeTVmgmk76o3UP7TkMELR0V7NFGI:mQ5Ew5meTzmMUPfkopNFGI

Score

N/A

Malware Config

Signatures

Files

15f20000.dll.exe
.dll windows x64

354e6814b75ad142dacc7c0bb78709f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

RtlNtStatusToDosError
memmove
strncmp
memcmp
strcmp
memset
memcpy
_snwprintf
_snprintf
StrStrIA
PathFindFileNameW
StrCmpNA
StrChrW
StrToIntExA
StrRChrA
PathCombineW
StrChrA
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
GetDiskFreeSpaceW
LockFileEx
lstrlenW
LocalAlloc
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
LocalFree
HeapAlloc
HeapFree
SetEvent
Sleep
CreateEventA
HeapDestroy
HeapCreate
GetLastError
GetModuleFileNameA
GetModuleHandleA
CloseHandle
CreateThread
SwitchToThread
FindFirstFileW
FindClose
FindNextFileW
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsW
GetSystemInfo
FreeLibrary
WaitForSingleObject
LoadLibraryW
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
GetProcAddress
EnterCriticalSection
LoadLibraryA
HeapSize
GetTempPathW
DeleteFileA
AreFileApisANSI
GetSystemTime
GetVersionExA
DeleteFileW
FlushFileBuffers
HeapValidate
GetVersionExW
FormatMessageW
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
LockFile
GetFileAttributesExW
DeleteCriticalSection
GetFileSize
GetTempPathA
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
SystemTimeToFileTime
QueryPerformanceCounter
UnlockFile
SHGetFolderPathW
CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx
CryptBinaryToStringW
CryptStringToBinaryA
CryptUnprotectData

Exports

Exports

PluginRegisterCallbacks

Sections

.text
Size: 397KB - Virtual size: 397KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

354e6814b75ad142dacc7c0bb78709f1

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 397KB - Virtual size: 397KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 9KB

.pdata Size: 12KB - Virtual size: 11KB

.bss0 Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 397KB - Virtual size: 397KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 9KB

.pdata
Size: 12KB - Virtual size: 11KB

.bss0
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB