7a395c6595b9ae0a48b7d2d0781fcd802e1a374ace3249f21b464066f9c8d07f

Sharing

Copy URL Twitter E-mail

General

Target

7a395c6595b9ae0a48b7d2d0781fcd802e1a374ace3249f21b464066f9c8d07f
Size

1.8MB
MD5

aee35a68213e30b0e76afe0abd7d577a
SHA1

d1f6678da267c0180e30112ee0a4af0b016b5b57
SHA256

7a395c6595b9ae0a48b7d2d0781fcd802e1a374ace3249f21b464066f9c8d07f
SHA512

7aaaaf97b4b4fdb699f128f6a8711d3bb45b799bd31c5e374679e672a62ecdbd8ab534d6be899eaf2612b6bcbc6cd39dcb0ea8b3af6dff5d075c082ebdb0c631
SSDEEP

49152:uLYV3OE1yF7k4qQKOy2xFncoCRc1QGfwp/nH1d:+sOEelFcoGc1QGIVd

Score

N/A

Malware Config

Signatures

Files

7a395c6595b9ae0a48b7d2d0781fcd802e1a374ace3249f21b464066f9c8d07f
.dll windows x86

ffde138a93713a39f99b30601240fafc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CreateFileW
DeleteFileW
FindResourceExW
FindResourceW
LoadResource
SizeofResource
LockResource
FreeLibrary
LoadLibraryW
GetTimeZoneInformation
GetProcAddress
GetNativeSystemInfo
GetVersionExW
GetModuleFileNameW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
GetModuleHandleW
lstrlenW
SetLastError
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
GetStringTypeW
EncodePointer
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetTickCount
SleepEx
VerifyVersionInfoA
VerSetConditionMask
FormatMessageA
PeekNamedPipe
WaitForMultipleObjects
GetFileType
GetStdHandle
ExpandEnvironmentStringsA
GetSystemDirectoryA
LoadLibraryA
GetModuleHandleA
GetCurrentThreadId
GetVersion
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
FlushConsoleInputBuffer
SystemTimeToFileTime
GetSystemTime
GetCommandLineA
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
ExitProcess
GetFileAttributesW
LCMapStringW
GetCPInfo
ExitThread
CreateThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
SetFilePointer
FindClose
GetDriveTypeA
FindFirstFileExA
CreateFileA
SetConsoleCtrlHandler
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
GetLocaleInfoW
SetHandleCount
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
FlushFileBuffers
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetFullPathNameA
GetCurrentDirectoryW
SetEndOfFile
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetDriveTypeW
GetFileSize
SetEvent
WaitForSingleObject
GetModuleHandleExA
TlsFree
TlsAlloc
TlsSetValue
LocalFree
GetDateFormatW
GetTimeFormatW
CopyFileW
TlsGetValue
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ReleaseMutex
WritePrivateProfileStringW
GetPrivateProfileStringW
CreateMutexW
CloseHandle
DeleteCriticalSection
CreateEventW
GetLastError
MultiByteToWideChar
SetErrorMode
Sleep
RtlUnwind
GetFileAttributesExW
WideCharToMultiByte

user32

CreateWindowExW
MsgWaitForMultipleObjectsEx
CallMsgFilterW
RegisterClassExW
TranslateMessage
DefWindowProcW
SendMessageW
GetQueueStatus
WaitMessage
KillTimer
PostMessageW
UnregisterClassW
DestroyWindow
GetSystemMetrics
wsprintfW
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxA
DispatchMessageW
PeekMessageW
PostQuitMessage
SetTimer
IsWindow

shlwapi

PathRemoveFileSpecW
PathFileExistsW

wininet

InternetGetCookieW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

advapi32

RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegSetValueExW
RegCloseKey
RegOpenKeyExW
IsValidSid
LookupAccountNameW
RegQueryValueExW
RegCreateKeyExW
GetSidSubAuthorityCount
GetUserNameW
GetSidSubAuthority
GetSidIdentifierAuthority

shell32

SHGetSpecialFolderPathW

ole32

CoCreateGuid

ws2_32

getpeername
getsockopt
htons
send
bind
ntohs
setsockopt
WSAIoctl
WSACleanup
WSAStartup
gethostname
ioctlsocket
listen
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
recv
closesocket
getsockname

wldap32

ord30
ord26
ord200
ord79
ord33
ord301
ord27
ord41
ord46
ord32
ord22
ord211
ord143
ord60
ord50
ord35

wsock32

shutdown

oleaut32

VariantClear

Exports

Exports

seal_main
startup
startupW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffde138a93713a39f99b30601240fafc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

wininet

version

advapi32

shell32

ole32

ws2_32

wldap32

wsock32

oleaut32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 373KB - Virtual size: 372KB

.data Size: 52KB - Virtual size: 69KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 93KB - Virtual size: 92KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 373KB - Virtual size: 372KB

.data
Size: 52KB - Virtual size: 69KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 93KB - Virtual size: 92KB