6bd89d31411efdb181cd013473f611099e3fae8322c5d5c34ba2b301366d3290

Sharing

Copy URL Twitter E-mail

General

Target

6bd89d31411efdb181cd013473f611099e3fae8322c5d5c34ba2b301366d3290
Size

562KB
MD5

6393de69f5df83e2640b8ca724839596
SHA1

0446b53d858299f8abd887781596a681d6facd04
SHA256

6bd89d31411efdb181cd013473f611099e3fae8322c5d5c34ba2b301366d3290
SHA512

e09d5731f8c3d897141fc73bb1caa5ca2c84da7fa582510f4fef8bb8ce159104f70ae8b16e1711fc5c33dfd6bf09d94c89baeb0b4be32b618f2580109546747a
SSDEEP

12288:cLOYaxPLbGlTNyz1bLPZKhyfpzctlxYuC2jlux/Gh:6OYaxj6lTgzBLRKsNct/xC2jcxe

Score

N/A

Malware Config

Signatures

Files

6bd89d31411efdb181cd013473f611099e3fae8322c5d5c34ba2b301366d3290
.dll windows x86

c7a4454ee5e538529fd4291afaf9e422

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_lock
_unlock
free
malloc
memcpy
memset
ldexp
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_vsnwprintf
_wcsicmp
memmove
_purecall
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
__dllonexit
_onexit
frexp

kernel32

SetLastError
InterlockedExchange
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlCaptureStackBackTrace
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetVersion
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetCurrentThread
TerminateThread
TerminateProcess
IsDebuggerPresent
GetCurrentProcess
GetCurrentThreadId
InterlockedCompareExchange
GetModuleHandleW
GetProcessHeap
HeapReAlloc
HeapAlloc
HeapFree
GetProcAddress
LoadLibraryA
GetLastError
FreeResource
SizeofResource
LockResource
LoadResource
DisableThreadLibraryCalls
GetSystemInfo
GetVersionExW
InterlockedIncrement
InterlockedDecrement
IsProcessorFeaturePresent
lstrcmpW
CompareStringW
MultiByteToWideChar
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FindResourceW

ole32

PropVariantClear
CoLockObjectExternal
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc

ntdll

DbgPrintEx
DbgPrompt
DbgBreakPoint
NtQuerySystemInformation
RtlSetBits
RtlInitializeBitMap

oleaut32

VariantChangeType
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
VariantInit

windowscodecs

WICMapSchemaToName
WICMatchMetadataContent

Exports

Exports

DllGetClassObject
IWICColorTransform_Initialize_Proxy
WICCreateColorTransform_Proxy

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 218KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c7a4454ee5e538529fd4291afaf9e422

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

ole32

ntdll

oleaut32

windowscodecs

Exports

Exports

Sections

.text Size: 118KB - Virtual size: 118KB

.data Size: 2KB - Virtual size: 13KB

.rsrc Size: 214KB - Virtual size: 214KB

.reloc Size: 8KB - Virtual size: 7KB

.text Size: 218KB - Virtual size: 220KB

.text
Size: 118KB - Virtual size: 118KB

.data
Size: 2KB - Virtual size: 13KB

.rsrc
Size: 214KB - Virtual size: 214KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 218KB - Virtual size: 220KB