daa84e40866e9e7108764d5cca7c0ceb6411984682b9021f3936159039b6cb2f

Sharing

Copy URL Twitter E-mail

General

Target

daa84e40866e9e7108764d5cca7c0ceb6411984682b9021f3936159039b6cb2f
Size

326KB
MD5

4b7342ffd7b11293d858b4a00bdefdf0
SHA1

07221aa5d029759df780821d8625c798563afc07
SHA256

daa84e40866e9e7108764d5cca7c0ceb6411984682b9021f3936159039b6cb2f
SHA512

fb9d442b753f7b7290ada97969e9470162d6b8db17faa9268679e6b5905b897d90a43819f74280e2591bfd6560d6ab11f4b50f416fba49452a83edd300c1632b
SSDEEP

6144:9/rICD1rc4v0u3RGOIScf3p9Mwhq/KJWuRi8SSLqQdk1vMR7GRQszFF7ljNk1Kgr:ZrICDrBGO9a3p9MtYeljekhRlL8p53g

Score

N/A

Malware Config

Signatures

Files

daa84e40866e9e7108764d5cca7c0ceb6411984682b9021f3936159039b6cb2f
.dll windows x86

b6bde9dc49121834035cc0b4e14411bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FatalExit
FreeEnvironmentStringsA
CreateThread
GetCurrentThreadId
GetLastError
ResumeThread
DebugBreak
SetEvent
ResetEvent
ReleaseMutex
GetLogicalDrives
GetFileSize
GetStdHandle
WriteFile
SetFilePointer
CloseHandle
lstrcpyA
GetCurrentProcess
CreateMutexA
CreateEventA
CreateSemaphoreA
GetCommandLineW
GetSystemDirectoryA
GetWindowsDirectoryA
GetCurrentDirectoryA
CreateFileA
DeleteFileA
GetVersionExA
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultLangID
GetUserDefaultLangID
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LocalFree
LocalAlloc
lstrcatA
GetVersion
IsDebuggerPresent

advapi32

GetUserNameA

user32

InSendMessageEx
CreateDialogParamA
GetDialogBaseUnits
OpenClipboard
CloseClipboard
IsCharLowerA
GetFocus
SetCapture
EndMenu
UpdateWindow
GetForegroundWindow
GetDC
ReleaseDC
MessageBoxA
DestroyWindow
GetCaretBlinkTime
GetSysColor
GetDesktopWindow
GetParent
FindWindowA
GetWindow
LoadCursorA
LoadIconA
DestroyIcon
CopyIcon
GetProcessWindowStation
TranslateMessage
GetMessagePos
IsChild
IsWindow
GetClassInfoExA
RegisterClassA
GetCursor
GetDoubleClickTime
InSendMessage
WaitMessage
PostMessageA
GetMessageTime
IsWindowVisible

ntdll

memcpy
memset

ole32

CoFreeUnusedLibraries
CoFreeAllLibraries
CoInitialize
OleUninitialize
CoSuspendClassObjects

gdi32

GdiFlush
DeleteDC
MoveToEx

shlwapi

SHReleaseThreadRef

shell32

DragFinish
CommandLineToArgvW
DuplicateIcon

winmm

timeGetTime

version

VerQueryValueA
GetFileVersionInfoA

winspool.drv

GetPrinterDriverA
OpenPrinterA

Sections

.text
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6bde9dc49121834035cc0b4e14411bb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

ntdll

ole32

gdi32

shlwapi

shell32

winmm

version

winspool.drv

Sections

.text Size: 229KB - Virtual size: 228KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 58KB - Virtual size: 59KB

.rsrc Size: 1024B - Virtual size: 1020B

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 229KB - Virtual size: 228KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 58KB - Virtual size: 59KB

.rsrc
Size: 1024B - Virtual size: 1020B

.reloc
Size: 26KB - Virtual size: 26KB