de60000[.]dll[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

de60000.dll.exe
Size

458KB
MD5

af72ea48ac7d24c55e2f2ada62a5b4bd
SHA1

f1fc07ee61433d5ccbfd6b6f1371c5ccc48cb99e
SHA256

2d2260706c8645b803047eaeca3b1f2cae7c9317521dbc8b725a4f60676c84d1
SHA512

32695e99a05f91db83a0e92513bd48e123859a01315fa1443540ba87992007ea429dcb6c3816bad3632e8dfc4e8234dbee65cbe9dffd12a453f58d89a174f028
SSDEEP

12288:S5WvIcqgICTR6RB2JiIoHxXmwNrLR3Rj:aWwcRICTkBIoR2w/

Score

N/A

Malware Config

Signatures

Files

de60000.dll.exe
.dll windows x64

8e8acac80ed55cba869218b3900e3692

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

memset
mbstowcs
memcpy
RtlNtStatusToDosError
memmove
_snwprintf
strncmp
memcmp
strcmp
StrCmpNA
StrStrIA
PathCombineW
StrStrA
PathFindFileNameW
StrChrW
StrStrW
StrChrA
CryptUnprotectData
CryptStringToBinaryA
HeapCreate
GetLastError
CloseHandle
CreateThread
SwitchToThread
FindFirstFileW
lstrlenA
GetCurrentDirectoryW
FindClose
SetCurrentDirectoryW
FindNextFileW
lstrcpyW
WaitForSingleObject
GetModuleHandleA
GetVersion
LocalFree
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsW
OpenProcess
TerminateProcess
SetLastError
HeapDestroy
Process32NextW
lstrcmpiW
CreateToolhelp32Snapshot
GetFileSize
FreeLibrary
LoadLibraryW
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
GetProcAddress
EnterCriticalSection
LoadLibraryA
GetTempPathA
GetCurrentProcessId
DeleteFileW
HeapFree
HeapAlloc
lstrlenW
CreateEventA
Sleep
Process32FirstW
GetVersionExA
OutputDebugStringA
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
DeleteFileA
AreFileApisANSI
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
GetVersionExW
FormatMessageW
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
LockFile
UnlockFile
QueryPerformanceCounter
SetEvent
LocalAlloc
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
SystemTimeToFileTime
GetSystemTime
RegQueryValueExW
CryptHashData
RegCloseKey
CryptDestroyHash
RegOpenKeyA
CryptCreateHash
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CreateStreamOnHGlobal

Exports

Exports

PluginRegisterCallbacks

Sections

.text
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e8acac80ed55cba869218b3900e3692

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 392KB - Virtual size: 392KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 8KB - Virtual size: 9KB

.pdata Size: 12KB - Virtual size: 11KB

.bss0 Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 392KB - Virtual size: 392KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 8KB - Virtual size: 9KB

.pdata
Size: 12KB - Virtual size: 11KB

.bss0
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB