125a0000[.]dll[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

125a0000.dll.exe
Size

471KB
MD5

fd30bc0dd74f979359cf6961a7048770
SHA1

daf88765b66f22899557b4e9f71de67dbd639778
SHA256

1acaf0d47ed8f5f16f7e72fa53bea9134cb1cc43748285c2e347477ceb7d15dc
SHA512

11901886c89f423b4fc65f95c575303175cd9991d482db539f49c6890733f56eaec091d7526ce1f33d75b5186528a88a7199c7656d8133463c570c920d101926
SSDEEP

6144:umVtjA9X1u1kjIo71pnAtuETnsMZ+aBekhihU4i0emAkp6ShZorLRW+WE+enpi:Z+3jN71h4HTDZ+QeiitizcLZorLR7

Score

N/A

Malware Config

Signatures

Files

125a0000.dll.exe
.dll windows x64

d40ef14ecac28f632d62aa67486e7391

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mbstowcs
memcpy
_snwprintf
RtlNtStatusToDosError
memmove
strncmp
memcmp
strcmp
_snprintf
memset
StrChrA
StrCmpNA
StrStrIA
PathCombineW
StrStrA
PathFindFileNameW
StrChrW
StrRChrA
StrStrW
CryptUnprotectData
CryptStringToBinaryA
LocalFree
HeapAlloc
HeapFree
SetEvent
Sleep
CreateEventA
HeapDestroy
HeapCreate
GetLastError
GetModuleFileNameA
GetModuleHandleA
CloseHandle
CreateThread
SwitchToThread
FindFirstFileW
lstrlenA
GetCurrentDirectoryW
FindClose
SetCurrentDirectoryW
FindNextFileW
lstrcpyW
WaitForSingleObject
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
OpenProcess
TerminateProcess
SetLastError
Process32FirstW
Process32NextW
lstrcmpiW
CreateToolhelp32Snapshot
GetFileSize
FreeLibrary
LoadLibraryW
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
GetProcAddress
EnterCriticalSection
LoadLibraryA
GetTempPathA
DeleteFileW
GetVersionExA
lstrlenW
OutputDebugStringA
GetCurrentThreadId
ExpandEnvironmentStringsW
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
GetSystemTime
GetDiskFreeSpaceW
LockFileEx
HeapSize
DeleteFileA
AreFileApisANSI
GetTempPathW
FlushFileBuffers
HeapValidate
GetVersionExW
FormatMessageW
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
LockFile
UnlockFile
QueryPerformanceCounter
SystemTimeToFileTime
SetEndOfFile
UnmapViewOfFile
LocalAlloc
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
RegOpenKeyA
RegQueryValueExW
CryptHashData
RegCloseKey
CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CreateStreamOnHGlobal

Exports

Exports

PluginRegisterCallbacks

Sections

.text
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d40ef14ecac28f632d62aa67486e7391

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 402KB - Virtual size: 401KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 8KB - Virtual size: 9KB

.pdata Size: 12KB - Virtual size: 11KB

.bss0 Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 402KB - Virtual size: 401KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 8KB - Virtual size: 9KB

.pdata
Size: 12KB - Virtual size: 11KB

.bss0
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB