7dc8c1f04c679e3e74cadf32430376e8eb7c28fb13fe4fb2e29dc4c8396b4325

Sharing

Copy URL Twitter E-mail

General

Target

7dc8c1f04c679e3e74cadf32430376e8eb7c28fb13fe4fb2e29dc4c8396b4325
Size

187KB
MD5

18617d1a03214fa555353cf9d1fb69c0
SHA1

6b3f4cb6509334031f9f889a5252c4a321ad0c8f
SHA256

7dc8c1f04c679e3e74cadf32430376e8eb7c28fb13fe4fb2e29dc4c8396b4325
SHA512

6c9ec6a137dceef7437fbb1e957b0bc466038f795487ed963183ef5c4183ad19996a948b73d682c19e9e17220539c18404853d2680d59490c486f2bd79fe6a98
SSDEEP

3072:bGL7YQkfnEXSbMWK6SehQfZVl3exHUKb/2saOt+eq8Zuf9:K7Pkn06HQf/Bex3+s+Rh

Score

N/A

Malware Config

Signatures

Files

7dc8c1f04c679e3e74cadf32430376e8eb7c28fb13fe4fb2e29dc4c8396b4325
.dll windows x86

b5d7186fe5b6f6be5a4c42ccb85f7c66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
FreeLibrary
GetModuleHandleA
LoadLibraryExA
WaitForSingleObject
SetEvent
CreateEventA
GetModuleFileNameA
LeaveCriticalSection
GetCurrentThreadId
CloseHandle
FlushFileBuffers
WriteConsoleW
DeleteCriticalSection
EnterCriticalSection
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
InitializeCriticalSection
LoadLibraryA
GetExitCodeThread
GetProcAddress
VerSetConditionMask
LoadLibraryW
VerifyVersionInfoA
GetModuleFileNameW
GetLastError
SetLastError
GetCurrentProcess
GetCommandLineA
HeapFree
HeapAlloc
EncodePointer
DecodePointer
CreateThread
ExitThread
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
InitOnceExecuteOnce
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
TerminateProcess
GetModuleHandleW
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RaiseException
WriteFile
HeapSize
HeapReAlloc
RtlUnwind
GetStringTypeW
CompareStringEx
LCMapStringEx
OutputDebugStringW
SetEnvironmentVariableA
CreateFileW

user32

EnumDisplayDevicesA

gdi32

CreateDCA
DeleteDC

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Exports

Exports

DllMain
GetD3DKMTProcAddress
SetThunkProxyBypassMode
XopGetNumAdapters
XopOpenLinkedAdapter
XopQueryAdaptersOgl
XopSetAdapterIndex
XopSetGlobalsOgl

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b5d7186fe5b6f6be5a4c42ccb85f7c66

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

version

Exports

Exports

Sections

.text Size: 110KB - Virtual size: 109KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 14KB - Virtual size: 13KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 110KB - Virtual size: 109KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 14KB - Virtual size: 13KB

.rmnet
Size: 56KB - Virtual size: 60KB