87a9dde0b881e4b9f3d22d32d18144abdc33527c66ce06751cd63e563b88916d

Sharing

Copy URL Twitter E-mail

General

Target

87a9dde0b881e4b9f3d22d32d18144abdc33527c66ce06751cd63e563b88916d
Size

141KB
MD5

d13b228829588d1e76f1964f4ecae20d
SHA1

b17356e3375230e106bbc373fb18163fe40900c2
SHA256

87a9dde0b881e4b9f3d22d32d18144abdc33527c66ce06751cd63e563b88916d
SHA512

c2085a97aa2ac8a9cf485c133c8e0a7a9b129118a1161222c58c3e1f799409e1f6e495fe6e341d332e59f3f6018531a60dd2382f35e22609b51e9c7a7c8a92b8
SSDEEP

3072:3DyPHvyfKtqYT8ovRX5wgQJyrWZ7WfgPMMU:GPPwKVTjJ5lMyqZYM

Score

N/A

Malware Config

Signatures

Files

87a9dde0b881e4b9f3d22d32d18144abdc33527c66ce06751cd63e563b88916d
.dll windows x64

1c27b82dfafae5a099028dd10cfea232

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

gdiplus

GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipFree
GdipCloneImage
GdipDisposeImage
GdipSaveImageToStream
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromGdiDib

ws2_32

ntohl

kernel32

InitializeCriticalSectionAndSpinCount
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
HeapSize
LCMapStringW
GetProcAddress
LocalFree
lstrlenW
LoadLibraryA
GetLastError
WaitForMultipleObjects
GetSystemTime
lstrcmpA
lstrlenA
GetModuleHandleA
ExitProcess
SetUnhandledExceptionFilter
ExitThread
Sleep
FreeLibrary
LocalAlloc
FormatMessageA
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetCurrentProcess
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetCPInfo
GetOEMCP
GetStringTypeW
CloseHandle
RaiseException
LoadLibraryExA
CreateThread
GetCurrentThreadId
TerminateThread
ResumeThread
SetEvent
ReleaseMutex
WaitForSingleObject
GetACP
CreateMutexA
CreateEventA
SystemTimeToFileTime
HeapFree
HeapReAlloc
HeapAlloc
RtlLookupFunctionEntry
RtlUnwindEx
MultiByteToWideChar
GetCommandLineA
GetProcessHeap
EncodePointer
DecodePointer
GetModuleHandleExW
WideCharToMultiByte
GetStdHandle
WriteFile
GetModuleFileNameW
IsDebuggerPresent
IsProcessorFeaturePresent
RtlPcToFileHeader
SetLastError
IsValidCodePage

user32

SendMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
DefWindowProcA
UnregisterClassA
RegisterClassExA
SetWindowLongPtrA
GetWindowLongPtrA
ChangeClipboardChain
SetClipboardViewer
DestroyWindow
CreateWindowExA

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoInitialize

oleaut32

VariantChangeType
VariantCopy
VariantClear
VariantInit
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetDim
SysFreeString
SysAllocString
SafeArrayGetVartype

activeds

ord9

Exports

Exports

DeinitServerExtension
GetExtensionName
InitServerExtension
ReflectiveLoader

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c27b82dfafae5a099028dd10cfea232

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

ws2_32

kernel32

user32

ole32

oleaut32

activeds

Exports

Exports

Sections

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 9KB - Virtual size: 18KB

.pdata Size: 5KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 9KB - Virtual size: 18KB

.pdata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB