0d0bd1bdd131e974d10a5b0e94692b8a9c1c569909dc7dafa52d9c13a000c128

General

Target

0d0bd1bdd131e974d10a5b0e94692b8a9c1c569909dc7dafa52d9c13a000c128
Size

51KB
MD5

75c00f49130884da9fcfec0b7c7ce4ba
SHA1

40233da2c4f894ea5189b5099f068b155f4311e1
SHA256

0d0bd1bdd131e974d10a5b0e94692b8a9c1c569909dc7dafa52d9c13a000c128
SHA512

9bbfeb105d54f32f26472f50238c2b857f9d9d61448399f679ca4a3b0e11e1d7acba16f326f4d493f5ea6ad5051e06a32a53c4ffd5377ddfac3dd472a91c7bca
SSDEEP

768:xRFRnDZH5iBYnZGOFJBUCxUtlbFB2m2QC3PjVjQfSqU7K/+V4d0P6nbzb:xR/DvBnDj3xG2m2QqPjVjQlEpu0Sbz

Score

N/A

Malware Config

Signatures

Files

0d0bd1bdd131e974d10a5b0e94692b8a9c1c569909dc7dafa52d9c13a000c128
.dll windows x86

6e8cbe880e0a6130877ff558972630ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dpwsiext

_ltoa
ImmIsUIMessageA
_toupper
Control_FillCache_RunDLL
wcscpy
sprintf
ImmConfigureIMEA
_ultow
wcsncat
sqrt
ImmRequestMessageA
isalpha
ImmGetHotKey
_memicmp
ExtractIconA
IsLFNDriveA
PathYetAnotherMakeUniqueName
wcstombs
DAD_ShowDragImage

kernel32

OpenThread
LeaveCriticalSection
GetEnvironmentStringsA
MapViewOfFile
TransactNamedPipe
CreateNamedPipeA
CreateEventA
GetSystemTimes
IsProcessorFeaturePresent
InitializeCriticalSection
FreeEnvironmentStringsA
VirtualQuery
RegisterWaitForSingleObject
ReadFile
lstrcmpiA
CreateFileMappingA
UnmapViewOfFile
CreateFileA
EnterCriticalSection
SetFilePointer
ExpandEnvironmentStringsA
SleepEx
InterlockedExchangeAdd
GetThreadIOPendingFlag
ExitProcess
WaitForMultipleObjects
MapViewOfFileEx

Exports

Exports

CreateProcessNotify
dwwidsvr

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e8cbe880e0a6130877ff558972630ff

Headers

File Characteristics

Imports

dpwsiext

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 4KB