d9f1f68a8f07010aefa9dea08f659b19ad3942cf90762cab9a66615643cb35fd

Sharing

Copy URL Twitter E-mail

General

Target

d9f1f68a8f07010aefa9dea08f659b19ad3942cf90762cab9a66615643cb35fd
Size

179KB
MD5

0daa606cf2595355525bebcc369248a0
SHA1

5102ae88c624cf7ab3dde9bc603c8ecb1a096d43
SHA256

d9f1f68a8f07010aefa9dea08f659b19ad3942cf90762cab9a66615643cb35fd
SHA512

063adf77c84c2413d5b7fc3a5279f99abc24cccde5068f1410c179de047096bded08b7b7ecea547ce7614672fadb8f42c0f7a5861bf224e274ecb9939167818f
SSDEEP

3072:5vefW8IHJn4/TGfCwT6TaLmhHngVcaE2sx/TBfCHdwMCXDb+FMv:52W8IHJGTsx/LmtycaZE/TBq95CvUg

Score

N/A

Malware Config

Signatures

Files

d9f1f68a8f07010aefa9dea08f659b19ad3942cf90762cab9a66615643cb35fd
.dll windows x86

863a6405d2a19881d8d44c8228f0fa53

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetQueryOptionA
InternetCloseHandle
InternetOpenA
HttpSendRequestA
HttpAddRequestHeadersA
InternetAttemptConnect
HttpOpenRequestA
InternetSetOptionA
InternetReadFile
InternetCrackUrlA
InternetConnectA
HttpQueryInfoA

kernel32

SetEnvironmentVariableA
CompareStringW
SetFilePointer
GetFileSize
WaitForSingleObject
ReadFile
GetModuleFileNameW
CreateFileW
CloseHandle
CreateThread
CreateFileA
SetFileTime
GetSystemDirectoryW
lstrlenW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
GetFileTime
GetTickCount
WriteConsoleW
SetEvent
CreateEventW
ExitProcess
lstrlenA
FreeLibrary
Process32First
VirtualFree
WriteFile
CreateEventA
GetSystemDirectoryA
GetLastError
GetProcAddress
VirtualAlloc
LoadLibraryA
Process32Next
WideCharToMultiByte
GetCurrentProcessId
QueryPerformanceCounter
SetStdHandle
LCMapStringW
GetStringTypeW
SetEndOfFile
MultiByteToWideChar
GetModuleHandleW
HeapFree
HeapAlloc
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
GetProcessHeap
DecodePointer
ExitThread
GetCurrentThreadId
EncodePointer
GetSystemTimeAsFileTime
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
GetStdHandle
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
LoadLibraryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW

user32

wsprintfA

advapi32

RegOpenKeyExA
RegisterServiceCtrlHandlerA
RegCloseKey
RegEnumValueW
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
SetServiceStatus

Exports

Exports

?ReleaseDLL@@YGXPAUHINSTANCE__@@@Z
EntryPoint
ServiceMain

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

863a6405d2a19881d8d44c8228f0fa53

Headers

DLL Characteristics

File Characteristics

Imports

wininet

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 6KB - Virtual size: 14KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 6KB - Virtual size: 14KB

.reloc
Size: 9KB - Virtual size: 8KB