192a6df168936c867100759cecfbe68f165f8f0221a84c75d76c0c24c3cbd2fc

Sharing

Copy URL Twitter E-mail

General

Target

192a6df168936c867100759cecfbe68f165f8f0221a84c75d76c0c24c3cbd2fc
Size

151KB
MD5

4380bc1eab5a2ee069446ff6a01c8520
SHA1

2627ecadeb7faf17f6c02e02b79d9d5732d9f7be
SHA256

192a6df168936c867100759cecfbe68f165f8f0221a84c75d76c0c24c3cbd2fc
SHA512

c6ac9114eed52d1bd4fd32a1c43c47a09aa1dd9e4990030b7f2a3d7574306d7cefccd21b354cb95c65f1abc650e70e358bbbe4de5cdc8a7128c0049d334af4d0
SSDEEP

3072:n2cC37QFDp5sR9zgd3sQvVqRlkM4OAD/KLznBuB2JA2BjxuP2r:t87QFDp5sz0tsQvMRlkM4RD/qzMfU1As

Score

N/A

Malware Config

Signatures

Files

192a6df168936c867100759cecfbe68f165f8f0221a84c75d76c0c24c3cbd2fc
.dll windows x86

56c93674f2bf3e6890cdb364912b83bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

bsearch
_wcsnicmp
_wcsicmp
wcsncmp
memcpy
memset
??3@YAXPAX@Z
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
_CxxThrowException
_vsnwprintf

kernel32

MultiByteToWideChar
SearchPathW
FindResourceW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
FreeLibrary
GetLocaleInfoW
CreateFileMappingW
MapViewOfFile
LoadLibraryExW
FindResourceExW
LoadResource
LocalReAlloc
GetPrivateProfileStringA
lstrlenA
GetLastError
WideCharToMultiByte
ReadFile
GetFileAttributesW
HeapFree
LocalFree
GetProcessHeap
CompareStringW
HeapReAlloc
HeapAlloc
lstrlenW
GetPrivateProfileStringW
CloseHandle
LocalAlloc
GetFileSize
CreateFileW
SetLastError
WritePrivateProfileSectionW
WritePrivateProfileStringW
lstrcmpW
GetPrivateProfileSectionW
GetModuleFileNameW
GetVersionExW
DeleteCriticalSection
DeleteAtom
FindAtomA
InitializeCriticalSection
DisableThreadLibraryCalls
LeaveCriticalSection
EnterCriticalSection
GlobalFree
GlobalAlloc
AddAtomA
WriteFile
SetFilePointer
lstrcmpiW
InterlockedDecrement
InterlockedExchange
Sleep
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FormatMessageW
SetUnhandledExceptionFilter

user32

DrawTextW
SetWindowPos
CreateWindowExW
GetScrollInfo
GetDC
ReleaseDC
GetParent
GetWindowRect
GetWindowTextW
DialogBoxParamW
CallWindowProcW
GetDlgItem
EnableWindow
GetDlgItemTextW
MessageBoxW
SetDlgItemTextW
EndDialog
SetWindowTextW
SendMessageW
MoveWindow
DestroyWindow
LoadCursorW
RegisterClassA
CreateWindowExA
GetWindowLongW
DefWindowProcW
SetScrollPos
SetWindowLongW
GetClientRect
LoadStringW
SetScrollRange
ShowWindow
UnregisterClassA

gdi32

GetTextExtentPoint32W
SelectObject
DeleteObject
GetStockObject
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps

shlwapi

ord217
PathFindFileNameW
ord346
StrCmpW
StrRChrW
StrCSpnW
StrSpnW
StrCmpNW
StrDupW
StrToIntW
StrCmpIW

oleaut32

SysFreeString
VariantInit
VariantClear
SysStringLen
SysAllocString

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

comctl32

ord16

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

mlang

ord113
ord112

Exports

Exports

AdmClose
AdmFinished
AdmInit
AdmReset
AdmSaveData
CheckDuplicateKeys
CreateAdmUi
DllMain
GetAdmCategories
GetFontInfo
IsAdmDirty
ResetAdmDirtyFlag

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56c93674f2bf3e6890cdb364912b83bd

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

shlwapi

oleaut32

ole32

comctl32

advapi32

mlang

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 59KB

.data Size: 1024B - Virtual size: 53KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 59KB - Virtual size: 59KB

.data
Size: 1024B - Virtual size: 53KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 5KB