d7e97911b5f62b564ddcf638bf1bcaed5f7703253b8924bee25b34ac4b819a06

Sharing

Copy URL

Twitter E-mail

General

Target

d7e97911b5f62b564ddcf638bf1bcaed5f7703253b8924bee25b34ac4b819a06
Size

86KB
MD5

f48353d1e2b7644e68f86ad8b3c7d7f3
SHA1

db6c34548e54dbec30b74277ec363348aaf7140e
SHA256

d7e97911b5f62b564ddcf638bf1bcaed5f7703253b8924bee25b34ac4b819a06
SHA512

00a6049feaf1b8ea9e6b545c2971527f6344a927c4a8ee6f0346e7a1ebb428eaf803bea76b106052794c6dd7ae0d33688b9eb98cbe0401d53a5d00c9ff152919
SSDEEP

1536:qHWkW14D4qmMtpwhismuozMBNLZd26lJLmpY02JdATVMZ+b0Fbh:Vz+wismuoQPLZdvm32vUCh

Score

N/A

Malware Config

Signatures

Files

d7e97911b5f62b564ddcf638bf1bcaed5f7703253b8924bee25b34ac4b819a06
.dll windows x86

0d89afe620ab67e44b8bd2ac0f5e7f60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

dpnehlpr

_Sinh
_FCosh
_Strcoll
_FRteps
_Nan
_Cosh
_LCosh
_FXbig

kernel32

LocalAlloc
VirtualAlloc
GetTempPathA
GetCurrentThread
GetTickCount
SetFileAttributesW
OutputDebugStringA
CloseHandle
GetVersionExA
SetLastError
GetStringTypeW
GetLocalTime
GetLocaleInfoW
VirtualAlloc
GetFileAttributesA
GlobalAddAtomA
FormatMessageA
CreateProcessW
GetStdHandle
HeapSize
SetStdHandle
GetProfileStringA
InterlockedDecrement
FreeEnvironmentStringsW
LoadLibraryW
WaitForSingleObject

ole32

OleIsRunning
StgOpenStorageOnILockBytes
OleUninitialize
CoLockObjectExternal
OleTranslateAccelerator
OleCreateEmbeddingHelper
MkParseDisplayName
StgIsStorageFile
OleRegEnumFormatEtc
CoIsOle1Class
OleQueryLinkFromData
ReadClassStg
StringFromGUID2

gdi32

GdiSetBatchLimit
CreateDIBPatternBrushPt
SetTextAlign
CreateBitmap
RestoreDC
CreateCompatibleDC
SetMetaFileBitsEx
MoveToEx
GetFontData
SetDIBits
SetWindowOrgEx
GetEnhMetaFileBits

advapi32

RegQueryValueExW

ntdll

RtlCancelTimer
NtQueryInformationFile
ZwSetEvent
RtlExitUserThread
RtlFillMemory
NtTraceEvent
RtlInitUnicodeString
NtOpenTimer
RtlCompareString
NtReadFile

user32

WaitMessage
PostMessageA
DestroyCaret
ReleaseCapture
DispatchMessageW
MessageBoxA
wsprintfA
IsZoomed
ChangeDisplaySettingsExA
GetDC
SetWindowLongW
GetTopWindow
CopyAcceleratorTableA
SetScrollRange
GetUpdateRect
EndPaint
SendMessageA
MapDialogRect
DrawFrameControl
MapWindowPoints
RegisterWindowMessageA
GetUpdateRgn
GetMenuItemCount
PostMessageW
CreateMenu
CopyRect
GetMessageTime
UnregisterClassA

Exports

Exports

DestroyOverStructPool
DowngradeAPL
GetCatalogObject2
CreateProcessNotify
UnregisterApplication
UpdateFromComponentChange
FreeUnimodemTimer
SetupOpen

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d89afe620ab67e44b8bd2ac0f5e7f60

Headers

DLL Characteristics

File Characteristics

Imports

dpnehlpr

kernel32

ole32

gdi32

advapi32

ntdll

user32

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 69KB

.data Size: 14KB - Virtual size: 13KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 69KB - Virtual size: 69KB

.data
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB