d0cbfef6782701a4c0916dbee12f4b8c73e6f50050c0c34f9fc99674ea43dfeb

Sharing

Copy URL Twitter E-mail

General

Target

d0cbfef6782701a4c0916dbee12f4b8c73e6f50050c0c34f9fc99674ea43dfeb
Size

96KB
MD5

195599f65310a533be05b6696867cff5
SHA1

7d4c9d341f91d01d066fb0d5c15f497c79a0ffee
SHA256

d0cbfef6782701a4c0916dbee12f4b8c73e6f50050c0c34f9fc99674ea43dfeb
SHA512

34c2a452d5741f7210219cca03dc1c3f58a750af0f1b99b5087d94211c1b857b8b2dd451051807b6d5979403e4663355e04abca0cde7515c46adc8a867c40fb2
SSDEEP

1536:jVapiVKtQiiOKSlPhkZ1rDTCVT/kCA4UO3gaHYruDRsrb:jVaftQSKSkLOVT8COO3H9Ru

Score

N/A

Malware Config

Signatures

Files

d0cbfef6782701a4c0916dbee12f4b8c73e6f50050c0c34f9fc99674ea43dfeb
.dll windows x86

9d4834e9b468ced45a0b2a3d6be14a60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateThread
CreateEventW
HeapFree
ReadFileEx
GetOverlappedResult
DeviceIoControl
GetLastError
WaitForSingleObjectEx
SetThreadPriority
HeapDestroy
DeleteCriticalSection
GetProcessHeap
HeapCreate
DisableThreadLibraryCalls
InitializeCriticalSection
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
ExitThread
InterlockedIncrement
FormatMessageW
lstrlenW
RaiseException
lstrcmpiW
InterlockedDecrement
lstrcpyW
GetModuleFileNameW
lstrcpynW
FreeLibrary
MultiByteToWideChar
WaitForMultipleObjects
LocalAlloc
LocalFree
GetLocaleInfoA
lstrcatW
InterlockedCompareExchange
FreeResource
HeapAlloc
SetEvent
ResetEvent
EnterCriticalSection
LeaveCriticalSection
Sleep
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalFree
VirtualProtect
GlobalAlloc
InterlockedExchange
GetCommandLineA

user32

SetWindowLongW
RegisterDeviceNotificationW
RegisterClassA
EndPaint
GetClientRect
UnregisterClassA
LoadCursorW
LoadIconW
CharNextW
LoadImageW
PostQuitMessage
RegisterClassW
CreateWindowExW
PeekMessageW
TranslateMessage
DispatchMessageW
MsgWaitForMultipleObjects
DefWindowProcW
GetWindowLongW
UnregisterDeviceNotification
DestroyWindow
BeginPaint

advapi32

RegDeleteKeyW
CloseServiceHandle
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegisterTraceGuidsW
UnregisterTraceGuids
ReportEventW
OpenServiceW
QueryServiceStatus
TraceMessage

gdi32

GetStockObject

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CLSIDFromString
StringFromCLSID

rpcrt4

RpcBindingFromStringBindingW
RpcStringFreeW
RpcBindingSetOption
RpcBindingSetAuthInfoW
RpcBindingFree
RpcStringBindingComposeW

msvcr71

_except_handler3
_initterm
_adjust_fdiv
wcscpy
_callnewh
malloc
swprintf
wcslen
wcscmp
_onexit
memcpy
_amsg_exit
memset
_XcptFilter
__CppXcptFilter
__dllonexit
free

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d4834e9b468ced45a0b2a3d6be14a60

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcr71

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB