79619f242b4bdb192815127303a50f3ace331058f2763bc2b1502810821fc69d

Sharing

Copy URL Twitter E-mail

General

Target

79619f242b4bdb192815127303a50f3ace331058f2763bc2b1502810821fc69d
Size

977KB
MD5

4f506083158326869dde8841c34d1232
SHA1

07e741c464350304abb529a851cdec3bb5dcbcf2
SHA256

79619f242b4bdb192815127303a50f3ace331058f2763bc2b1502810821fc69d
SHA512

6568e3ccc8cc943fa184358239a68200195d87d85dd6cb0b1d5b108dee816b7edf4bccaf241de39776ace9210ba61764ed33e013ca4d793761098b1332f71d1b
SSDEEP

24576:Ty1DC2P9D2e3DDkQKab19iI8Opj36a7azaoaQTL22Daz:ePPh2VaRpea7azaoaQTaAK

Score

N/A

Malware Config

Signatures

Files

79619f242b4bdb192815127303a50f3ace331058f2763bc2b1502810821fc69d
.dll windows x86

d246596f17a20f734e17d1e774131bad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
lstrlenW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
LocalFree
FreeLibrary
FormatMessageW
VirtualQuery
LoadLibraryExW
GetModuleFileNameW
MultiByteToWideChar
lstrlenA
HeapFree
GetProcAddress
GetModuleHandleW
OutputDebugStringA
GetACP
LoadLibraryW
HeapAlloc
GetProcessHeap
HeapReAlloc
CloseHandle
ReadFile
CreateFileW
SetFilePointerEx
GetCurrentThreadId
IsBadWritePtr
IsBadReadPtr
SetCommState
GetLastError
GetCommState
GetCommProperties
PurgeComm
Sleep
SetCommMask
DeviceIoControl
ClearCommBreak
ClearCommError
SetCommTimeouts
GetCommTimeouts
WaitForSingleObject
WriteFile
GetOverlappedResult
ResetEvent
GetTickCount
CreateEventW
SetupComm
SetFilePointer
SetEndOfFile
SetEvent
GetCurrentProcessId
GetLocalTime
GetUserDefaultLangID
MoveFileExW
GetFileAttributesExW
CreateDirectoryW
GetTempPathW
WaitForMultipleObjects
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
ReleaseMutex
CreateMutexW
GetDefaultCommConfigW
LeaveCriticalSection
EnterCriticalSection
RaiseException
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
HeapSize
HeapDestroy
GetSystemTimeAsFileTime

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetFolderPathW

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

SysAllocStringLen
SysStringLen
SysFreeString
VariantCopyInd
SafeArrayGetElement
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
LoadTypeLi
LoadRegTypeLi
GetErrorInfo
VariantClear
SafeArrayDestroy
SafeArrayCreateVectorEx
SafeArrayGetVartype
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SetErrorInfo
CreateErrorInfo
SysAllocString
VariantInit
DispCallFunc

shlwapi

PathFileExistsW
PathAddBackslashW

msvcp100

??0_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z

msvcr100

_malloc_crt
_except_handler4_common
__clean_type_info_names_internal
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
_onexit
_lock
_encoded_null
_unlock
?terminate@@YAXXZ
_wtoi
wcstoul
_wcslwr_s
wcscspn
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__dllonexit
wcsncat_s
??3@YAXPAX@Z
__CxxFrameHandler3
??_V@YAXPAX@Z
_CxxThrowException
memset
_purecall
memcpy_s
wmemcpy_s
wcslen
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
strlen
memcpy
memmove
memmove_s
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_vscprintf
vsprintf_s
free
calloc
_recalloc
wcscpy
wcscat
_wmakepath
_wsplitpath
wcsspn
wcsncpy_s
??0exception@std@@QAE@XZ
__RTDynamicCast
wcsstr
wcsnlen
memcmp
malloc
_resetstkoflw
_beginthreadex
_vscwprintf
vswprintf_s
_wcsicmp
wcscmp
wcsrchr
_wstat64
_crt_debugger_hook

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 554KB - Virtual size: 554KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 187KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d246596f17a20f734e17d1e774131bad

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcp100

msvcr100

version

Exports

Exports

Sections

.text Size: 191KB - Virtual size: 191KB

.rdata Size: 554KB - Virtual size: 554KB

.data Size: 13KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 28KB - Virtual size: 27KB

.text Size: 187KB - Virtual size: 188KB

.text
Size: 191KB - Virtual size: 191KB

.rdata
Size: 554KB - Virtual size: 554KB

.data
Size: 13KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 28KB - Virtual size: 27KB

.text
Size: 187KB - Virtual size: 188KB