f77b4ac28eebf4718cc328ace611a5b702ac6d658006df485e697f8d21c67560

Sharing

Copy URL Twitter E-mail

General

Target

f77b4ac28eebf4718cc328ace611a5b702ac6d658006df485e697f8d21c67560
Size

96KB
MD5

0df18cbb0f4ff8280680a4ef8a6e709b
SHA1

fe6b6d83b4c99f373ef02df623a621926b1880da
SHA256

f77b4ac28eebf4718cc328ace611a5b702ac6d658006df485e697f8d21c67560
SHA512

22efdaa2e0ebe710cb4ab7a7c8eda51b8ea23516375de55c6eafe5fb8fbafdccabff69cc7a98c20994142b0de477f097bce8b1bf5733184c0724f4df4b2fc069
SSDEEP

1536:2bOo1jB+wTCWiyB2EXLT3F8C+e1X1MCSNUoRNmU+iHLfKE6rY+w13RkbGn5DFA8d:HYwxyQEXLbF8C+ep1MCSWKNmU+k96nwP

Score

N/A

Malware Config

Signatures

Files

f77b4ac28eebf4718cc328ace611a5b702ac6d658006df485e697f8d21c67560
.dll windows x86

05ee583876c966ec2b39ff06336a3af5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscat_s
_wtoi
iswdigit
iswxdigit
iswspace
wcscspn
_except_handler4_common
_amsg_exit
_initterm
free
malloc
_XcptFilter
qsort
memcpy
memset
??3@YAXPAX@Z

ntdll

EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceLoggerHandle
EtwGetTraceEnableLevel
EtwGetTraceEnableFlags
EtwTraceMessage
EtwEventRegister
EtwEventUnregister
EtwEventEnabled
EtwEventWrite

api-ms-win-core-localregistry-l1-1-0

RegGetValueW
RegQueryValueExW
RegOpenKeyExW
RegOpenCurrentUser
RegSetValueExW
RegCreateKeyExW
RegCloseKey

api-ms-win-core-processthreads-l1-1-0

OpenThreadToken
GetCurrentThread
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
OpenProcessToken
GetCurrentProcess

api-ms-win-security-base-l1-1-0

GetTokenInformation

kernel32

FreeLibrary
GetProcAddress
InterlockedCompareExchange
GetTickCount
GetSystemTimeAsFileTime
LoadLibraryExA
InterlockedExchange
QueryPerformanceCounter
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
ReadFile
SetFileAttributesW
CreateDirectoryW
FoldStringW
FormatMessageW
DelayLoadFailureHook
InitializeCriticalSectionAndSpinCount
LocalReAlloc
CloseHandle
SystemTimeToFileTime
GetLastError
GetSystemTime
DeleteCriticalSection
LocalAlloc
DisableThreadLibraryCalls
LeaveCriticalSection
LocalFree
EnterCriticalSection
Sleep
FlushFileBuffers
CreateFileW
DeleteFileW
SetFilePointer
CompareFileTime

Exports

Exports

DimsRoamEntry

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05ee583876c966ec2b39ff06336a3af5

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ntdll

api-ms-win-core-localregistry-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-security-base-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.data Size: 60KB - Virtual size: 61KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 28KB

.data
Size: 60KB - Virtual size: 61KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB