54c1fb110e1677aa48db1197da596c5bffc365073b4e911d1815063c997cb088

General

Target

54c1fb110e1677aa48db1197da596c5bffc365073b4e911d1815063c997cb088
Size

74KB
MD5

67592a973f1289e418f84a389eee13e0
SHA1

17c8623252b472060daf0f96a3312f6202f02e94
SHA256

54c1fb110e1677aa48db1197da596c5bffc365073b4e911d1815063c997cb088
SHA512

0a55db3fbdf8a09e4d1ff8b703888303f2f2b36e9a67da05c4c34152ea28041669d94184b16a215fb328cc4348575a9633db0b08a32bec13d96804398a916465
SSDEEP

1536:EqNMDFpoVzygeShcyUXrw6BbBKV/1h/Q98ZSB2ncfZZXMM44TRa:1MgVzDhcX51D9PBXXMOTRa

Score

N/A

Malware Config

Signatures

Files

54c1fb110e1677aa48db1197da596c5bffc365073b4e911d1815063c997cb088
.dll windows x86

5137564c78dae3c35a74d9f403beb2a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_chkstk

user32

wvsprintfW

kernel32

lstrlenW
lstrcpyW
GetCurrentDirectoryW
SetCurrentDirectoryW
lstrcatW
LoadLibraryW
FreeLibrary
lstrcmpW
LocalAlloc
LocalFree
lstrcpynW
MulDiv
OutputDebugStringW
SetLastError
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
GetProcAddress

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

gdi32

STROBJ_vEnumStart
STROBJ_bEnumPositionsOnly
STROBJ_bGetAdvanceWidths
XFORMOBJ_iGetXform
BRUSHOBJ_pvGetRbrush
PATHOBJ_vGetBounds
PATHOBJ_vEnumStart
STROBJ_dwGetCodePage
FONTOBJ_pxoGetXform
CLIPOBJ_ppoGetPath
EngDeletePath
EngEraseSurface
BRUSHOBJ_pvAllocRbrush
XLATEOBJ_iXlate
EngDeletePalette
FONTOBJ_pvTrueTypeFontFile
FONTOBJ_pifi
PATHOBJ_bEnum
EngCreateDeviceSurface
EngDeleteSurface
EngAssociateSurface
EngCreatePalette

Exports

Exports

DllMain
DrvDisableDriver
DrvEnableDriver
DrvQueryDriverInfo

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 642B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5137564c78dae3c35a74d9f403beb2a3

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

user32

kernel32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 1024B - Virtual size: 642B

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 1024B - Virtual size: 642B