cea25fc295347113f147dd38b004e0b3d53c91f43ddcfd5fc5b9a95d12013130

Sharing

Copy URL Twitter E-mail

General

Target

cea25fc295347113f147dd38b004e0b3d53c91f43ddcfd5fc5b9a95d12013130
Size

141KB
MD5

938f1833d1f3db71aea855b3f8fba2e0
SHA1

ffc588b69a202f46566ac0bae5ccea60c328e45d
SHA256

cea25fc295347113f147dd38b004e0b3d53c91f43ddcfd5fc5b9a95d12013130
SHA512

ee5ba93224b1b008cb269db37e99c4b9b2498d2a68a1df3ed41fb825156ebca20fec322563aa9a582849fd314c273d4aeffb08df5ecc817b2afe1ee8db901409
SSDEEP

3072:OdJ8BNWG+sWujlQgL6Fl+LQEPmYkIkFyPFfs:W8LbWmHL6F1YkIqOF

Score

N/A

Malware Config

Signatures

Files

cea25fc295347113f147dd38b004e0b3d53c91f43ddcfd5fc5b9a95d12013130
.dll windows x86

ca0741c673f416073e77206f8ff9e565

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FillConsoleOutputCharacterW
GetDateFormatA
UnmapViewOfFile
SetConsoleScreenBufferSize
VerLanguageNameW
GetStartupInfoW
_hread
DisconnectNamedPipe
CreateNamedPipeW
lstrlenA
_lcreat
LocalSize
SetSystemPowerState
GetUserDefaultLangID
GetDriveTypeA
CloseHandle
GetProcessHeap
HeapAlloc
TlsGetValue
HeapFree
GetUserDefaultLangID
LoadResource
Beep
GetLongPathNameA
GlobalFindAtomW
GetWindowsDirectoryA
ProcessIdToSessionId
GetFileType
LocalAlloc
GetProfileStringA
GetFileSizeEx
InterlockedExchange
_lopen
GetCurrencyFormatW

msvcrt

malloc
free
strtod

user32

GetForegroundWindow
CharNextExA
FindWindowW
GetSystemMetrics
CreateMenu
ActivateKeyboardLayout
ScreenToClient
ClientToScreen
GetPriorityClipboardFormat
SetWinEventHook
RedrawWindow
GetWindowTextA
SetProcessWindowStation
GetMenuState
MoveWindow
SetDlgItemTextA
CallMsgFilterW

gdi32

CreateDIBPatternBrush
UpdateColors
GetCharWidth32A
CreateICW
SetTextAlign
SetTextJustification
SetDCPenColor
DescribePixelFormat
Rectangle
CombineTransform
IntersectClipRect
RectInRegion
GetTextCharsetInfo

winmm

timeGetTime

rtm

RtmDeregisterEntity
RtmCreateDestEnum
RtmGetEntityMethods
RtmGetExactMatchRoute
RtmCreateRouteListEnum
RtmGetEnumNextHops
RtmGetEntityInfo
RtmCreateRouteEnum
RtmInsertInRouteList
RtmReferenceHandles
RtmLockRoute
RtmGetEnumRoutes
RtmGetChangeStatus
RtmGetDestInfo
RtmBlockMethods
RtmDeregisterFromChangeNotification
RtmReleaseEntities
RtmUpdateAndUnlockRoute
RtmInvokeMethod
RtmIgnoreChangedDests
RtmCreateNextHopEnum
RtmGetChangedDests

Exports

Exports

ArcClipboardNavigate
DecryptCopyTableParameters
LeaveKernel
OemCertUNCServerValid
PolyDragCloseThreadTag
PrepareFloodAutoAs
SHFreeFree
ValidateWindowsPriority

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GJc
Size: 1024B - Virtual size: 977B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9l
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca0741c673f416073e77206f8ff9e565

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

winmm

rtm

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 123KB

.data Size: 11KB - Virtual size: 15KB

.GJc Size: 1024B - Virtual size: 977B

.9l Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 976B

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 124KB - Virtual size: 123KB

.data
Size: 11KB - Virtual size: 15KB

.GJc
Size: 1024B - Virtual size: 977B

.9l
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 976B

.reloc
Size: 512B - Virtual size: 4KB