ce68f1206986647e1721017d10754dacc0bee2bc99b19da07041e0efa42379d1

Sharing

Copy URL Twitter E-mail

General

Target

ce68f1206986647e1721017d10754dacc0bee2bc99b19da07041e0efa42379d1
Size

120KB
MD5

3352bb0b02f013392dd881dca84fd5e8
SHA1

a24d28fc86a20d46c24d495b521278219412814a
SHA256

ce68f1206986647e1721017d10754dacc0bee2bc99b19da07041e0efa42379d1
SHA512

8876f5abc7bb75330b5288c5245693aa8c804678b36f80f0c21369de0527efb2f5ed4886b4c8a6bb2f579912c584c356c23c63d62d7a1bd8dd3d0525f2b2ed4b
SSDEEP

3072:Ti6YEzl51B716mJHDB2xX1tF8dbUy4fV:9YOPIXLo14fV

Score

N/A

Malware Config

Signatures

Files

ce68f1206986647e1721017d10754dacc0bee2bc99b19da07041e0efa42379d1
.dll windows x86

21ed37f6529ac31288bcefddc5e9ff92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipFree
GdipCloneImage
GdipDisposeImage
GdipSaveImageToStream
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromGdiDib

ws2_32

ntohl

kernel32

CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
HeapSize
LCMapStringW
GetProcAddress
LocalFree
lstrlenW
LoadLibraryA
GetLastError
WaitForMultipleObjects
GetSystemTime
lstrcmpA
lstrlenA
GetModuleHandleA
ExitProcess
SetUnhandledExceptionFilter
ExitThread
Sleep
FreeLibrary
InterlockedDecrement
LocalAlloc
FormatMessageA
GetCurrentProcess
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
TerminateProcess
QueryPerformanceCounter
GetModuleFileNameA
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetCPInfo
GetOEMCP
GetACP
SetEvent
RaiseException
LoadLibraryExA
CreateThread
GetCurrentThreadId
TerminateThread
ResumeThread
IsValidCodePage
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexA
CreateEventA
SystemTimeToFileTime
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
MultiByteToWideChar
GetCommandLineA
GetProcessHeap
GetModuleHandleExW
WideCharToMultiByte
GetStdHandle
WriteFile
GetModuleFileNameW
IsDebuggerPresent
IsProcessorFeaturePresent
SetLastError

user32

SendMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
DefWindowProcA
UnregisterClassA
RegisterClassExA
SetWindowLongA
GetWindowLongA
ChangeClipboardChain
SetClipboardViewer
DestroyWindow
CreateWindowExA

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoInitialize

oleaut32

VariantChangeType
VariantCopy
VariantClear
VariantInit
SafeArrayGetVartype
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetDim
SysFreeString
SysAllocString
SafeArrayUnlock

activeds

ord9

Exports

Exports

DeinitServerExtension
GetExtensionName
InitServerExtension
_ReflectiveLoader@0

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21ed37f6529ac31288bcefddc5e9ff92

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

ws2_32

kernel32

user32

ole32

oleaut32

activeds

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 7KB - Virtual size: 14KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 7KB - Virtual size: 14KB

.reloc
Size: 5KB - Virtual size: 5KB