46db3afeb13c133d2a52ea21c6e6eaaf64fa514b62105253e34177ecfe40fe6a

General

Target

46db3afeb13c133d2a52ea21c6e6eaaf64fa514b62105253e34177ecfe40fe6a
Size

171KB
MD5

6dde096221cc666f5b90d383d3a70a98
SHA1

1b5617b59d84e5baefa6173aac64ed355d3b3c44
SHA256

46db3afeb13c133d2a52ea21c6e6eaaf64fa514b62105253e34177ecfe40fe6a
SHA512

509b77f8ad15bb71fdcd48015de9e3991cb9cb36caa12e6b953a2b0805ca6b3a920655803d51882baaad82b8abce025ed75a1afba65b09ea3f225b46c66242f5
SSDEEP

3072:xwD6ltm/PBA27EH6eRqqTwtuokzZzIdlqJUVbSTsKbQx8dH/RENeH6AxUjN5Qchr:xtm/PC26qftuTITPcsKbQx+/R5aAA5

Score

N/A

Malware Config

Signatures

Files

46db3afeb13c133d2a52ea21c6e6eaaf64fa514b62105253e34177ecfe40fe6a
.dll windows x86

c093ae51700eac24d86fdd8a52282599

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FlushInstructionCache
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetProcessHeaps
GetThreadContext
GetThreadPriority
GlobalFlags
InitializeCriticalSection
InterlockedDecrement
InterlockedExchangeAdd
IsBadWritePtr
LoadLibraryA
OpenProcess
QueueUserAPC
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
SwitchToFiber
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnregisterWait
VirtualAlloc
VirtualFree
VirtualProtect
WaitForMultipleObjects
WaitForSingleObject

shell32

SHGetDiskFreeSpaceExA
SHGetFolderPathW
ShellHookProc
RegenerateUserEnvironment

msvcrt

_errno
_ftime
_endthreadex
_onexit
_setjmp3
calloc
exit
longjmp
tmpnam
_adjust_fdiv
__dllonexit
_initterm

wsock32

WSASetLastError
WSAGetLastError

Exports

Exports

ADeviceResumePlay
HrGetBodyElement
IsDigit
PszAllocW
SetColumns
SetScissorRect

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c093ae51700eac24d86fdd8a52282599

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

msvcrt

wsock32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 6KB - Virtual size: 5KB