DCF43AACE0E64EC84E5243259A0982DD[.]fil

Sharing

Copy URL Twitter E-mail

General

Target

DCF43AACE0E64EC84E5243259A0982DD.fil
Size

197KB
MD5

dcf43aace0e64ec84e5243259a0982dd
SHA1

176300f78e311c67b11cb72d30604bc3ee5ded04
SHA256

b2e45cd6788c1f77ad7d91372f80ed9fb9d2552810d4ddd7b81ab3ae682e3980
SHA512

4b79dd0c14449dd14ba2b23f89d9928b7ac469b2d58a2cbaeb0094fa0c5cebc418d47a99800db41a016a004f0267c14ba4384a94e0f50706a0c835c3b698e11a
SSDEEP

3072:UuVdovIMUoDgZBmQ/3BWTBfXJO9gKAu/YVEqAMI5MSaNoajixQvUZ3CaakNS92Vl:TACBf/3BWTBBoYVEzMVSGoajuQ4LVE1

Score

N/A

Malware Config

Signatures

Files

DCF43AACE0E64EC84E5243259A0982DD.fil
.dll windows x86

86fd0684f9a7fccdcd35cc529e1175b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
HeapFree
lstrcpyA
HeapAlloc
WideCharToMultiByte
lstrlenW
VirtualFree
CloseHandle
WriteFile
ReadFile
CreateFileA
VirtualAlloc
CopyFileA
lstrcmpiA
MultiByteToWideChar
GetModuleHandleA
lstrcatA
lstrlenA
SetFilePointer
CreateEventA
GetCurrentProcessId
ReadProcessMemory
VirtualQueryEx
TerminateProcess
SetThreadContext
WriteProcessMemory
VirtualAllocEx
GetThreadContext
GetLastError
CreateProcessW
GetProcAddress
lstrcmpA
VirtualProtect
lstrcpyW
lstrcmpiW
ExitProcess
LoadLibraryA
FreeLibrary
HeapDestroy
CreateDirectoryA
GetTempPathA
GetModuleFileNameA
HeapCreate
SetEnvironmentVariableA
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentThreadId
GetTickCount
WaitForSingleObject
CompareFileTime
GetProcessTimes
GetCurrentProcess
GetFileTime
GetFileSize
GetFileAttributesA
GetFileAttributesW
CreateFileW
OpenEventA
ExitThread
SetEvent
WaitForMultipleObjects
CreateThread
GetProcessHeap

user32

CharLowerA
wsprintfA
MessageBoxA
SetWindowLongA
DispatchMessageA
GetMessageA
PostMessageA
KillTimer
DefWindowProcA
SendMessageA
GetWindowLongA
UnregisterClassA
DestroyWindow
CreateWindowExA
RegisterClassExA
SetTimer

Exports

Exports

DllInit
Game

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RLD0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RLD1
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86fd0684f9a7fccdcd35cc529e1175b6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 1KB - Virtual size: 2KB

.RLD0 Size: 2KB - Virtual size: 1KB

.RLD1 Size: 125KB - Virtual size: 124KB

.reloc Size: 1024B - Virtual size: 944B

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 1KB - Virtual size: 2KB

.RLD0
Size: 2KB - Virtual size: 1KB

.RLD1
Size: 125KB - Virtual size: 124KB

.reloc
Size: 1024B - Virtual size: 944B