ivbRCkW[.]dll_1

Sharing

Copy URL

Twitter E-mail

General

Target

ivbRCkW.dll_1
Size

5.1MB
MD5

ee87787421bace4b04818fbc68c70e98
SHA1

1fc95f10193ca6b9d5af0a6e783ac9eb7f3504fb
SHA256

30fab2917ad162ab4c04e71e88f9a77cb3daf5da591ab5047b7e0bbb0a1c1331
SHA512

91c821ecd2be410918f50d0d4a1683924da0c6fed0e16c3f6c7fe5c4d4318af8a3d20d3ee91850e4b1b99d83d6ca2981ef906981a9da7c32d3ac05bd2c0400f9
SSDEEP

98304:TxfCcNgEk3LLknkowA/OhVCpjX58XNV2EfbI3ayGIz5AWMh:gcNULukowAOVC158XNV2EfEqyDKW

Score

N/A

Malware Config

Signatures

Files

ivbRCkW.dll_1
.dll windows x86

76659be16cecb1a64356c6d626f46322

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersion
GetVersionExW
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

comctl32

FlatSB_SetScrollInfo

shell32

Shell_NotifyIconW

ole32

IsEqualGUID

version

GetFileVersionInfoSizeW

user32

CopyImage
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

oleaut32

GetErrorInfo

msvcrt

strncmp

netapi32

NetWkstaGetInfo

advapi32

RegEnumKeyExW

gdi32

Arc

wtsapi32

WTSSendMessageW

Exports

Exports

PKfLdgwGit
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

l\8m<g<
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

n^+GlNs
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

][_jYP[Q
Size: - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.59H*%Y=
Size: - Virtual size: 26KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

L#XeSZt!
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

&kgFp<C*
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qYJW4Z&k
Size: - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

8v%G1U*g
Size: - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Q\+3.%JP
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_kc"e:Nu
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

QwB" \Eu
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76659be16cecb1a64356c6d626f46322

Headers

File Characteristics

Imports

kernel32

comctl32

shell32

ole32

version

user32

oleaut32

msvcrt

netapi32

advapi32

gdi32

wtsapi32

Exports

Exports

Sections

l\8m<g< Size: - Virtual size: 2.6MB

n^+GlNs Size: - Virtual size: 8KB

][_jYP[Q Size: - Virtual size: 62KB

.59H*%Y= Size: - Virtual size: 26KB

L#XeSZt! Size: - Virtual size: 12KB

&kgFp<C* Size: - Virtual size: 2KB

qYJW4Z&k Size: - Virtual size: 174B

8v%G1U*g Size: - Virtual size: 69B

Q\+3.%JP Size: - Virtual size: 2.4MB

_kc"e:Nu Size: 5.1MB - Virtual size: 5.1MB

QwB" \Eu Size: 2KB - Virtual size: 1KB

l\8m<g<
Size: - Virtual size: 2.6MB

n^+GlNs
Size: - Virtual size: 8KB

][_jYP[Q
Size: - Virtual size: 62KB

.59H*%Y=
Size: - Virtual size: 26KB

L#XeSZt!
Size: - Virtual size: 12KB

&kgFp<C*
Size: - Virtual size: 2KB

qYJW4Z&k
Size: - Virtual size: 174B

8v%G1U*g
Size: - Virtual size: 69B

Q\+3.%JP
Size: - Virtual size: 2.4MB

_kc"e:Nu
Size: 5.1MB - Virtual size: 5.1MB

QwB" \Eu
Size: 2KB - Virtual size: 1KB