0849885013d0ce23176f0184cd0670c2f4a2558a756cee0d0a848caf6a01fa15

Sharing

Copy URL Twitter E-mail

General

Target

0849885013d0ce23176f0184cd0670c2f4a2558a756cee0d0a848caf6a01fa15
Size

50KB
MD5

26ed6752ea19b2086d125f18403e31c9
SHA1

6348f9a3fc79f44c09729940a0a0ca453f0e85f4
SHA256

0849885013d0ce23176f0184cd0670c2f4a2558a756cee0d0a848caf6a01fa15
SHA512

a291dc28f5f192584ddccd3882599a56cd8f60561d60bfcd8340a9f87c6f876d25dac0a7b8f179bc23edc68786ff86c5cd5c179c1a5dac39670b85176906b8b8
SSDEEP

768:hBD3dUdf8OlOqHajEKxwdLalioblcBANEdO3nttQlZdylmo0k2m5BleE:h13Bq6adeYoblcBANEEnIlTylmJR

Score

N/A

Malware Config

Signatures

Files

0849885013d0ce23176f0184cd0670c2f4a2558a756cee0d0a848caf6a01fa15
.dll windows x86

6dae650262bfe473f06414f74bed3b13

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
InvalidateRect
SetTimer
GetDesktopWindow
GetParent
GetSubMenu
GetAsyncKeyState
GetMenuItemCount
GetCapture
PostQuitMessage
DestroyIcon
GetSystemMetrics
SetActiveWindow
GetMenu
BringWindowToTop
SetParent
GetMenuItemID
CreateIconFromResource

dfsssscp

DAD_DragMove
ImmDestroySoftKeyboard
ImmSetStatusWindowPos
ImmCreateIMCC
SdbGetStringTagPtr
ImmGetCandidateListA
DllRegisterServer
ImmPutImeMenuItemsIntoMappedFile
PifMgr_CloseProperties
RestartDialog
SdbGetNextChild
ImmShowSoftKeyboard
ImmGetCompositionWindow
PrintersGetCommand_RunDLLA
SdbReadQWORDTag
FindExecutableA
SdbCloseDatabase
OpenAs_RunDLL
SdbCreateMsiTransformFile
SdbQueryApphelpInformation
ILCreateFromPathA
PathMakeUniqueName
DAD_ShowDragImage
IsUserAnAdmin
ImmGetCandidateWindow
ImmUnlockIMC
SdbGrabMatchingInfoEx
SdbFreeFlagInfo
ImmSetCandidateWindow
PathYetAnotherMakeUniqueName
SdbFindNextTagRef
Control_RunDLLA
ImmGetProperty
SdbFindFirstTagRef
SdbGetDatabaseMatch
ImmGetDefaultIMEWnd

ole32

CoUninitialize
CoInitializeEx
CoCreateGuid

kernel32

SetFilePointer
CreateFileMappingA
MapViewOfFile
FindVolumeMountPointClose
UnmapViewOfFile
SetEndOfFile
ReleaseSemaphore
VirtualQuery
GetSystemTime
HeapFree
GetModuleHandleA
GetExitCodeThread
GlobalAlloc
LockResource
GetCurrentProcess
FileTimeToSystemTime
WaitForMultipleObjects

advapi32

DeleteAce
GetTokenInformation

netapi32

NetShareEnum
NetApiBufferFree

shell32

SHGetDesktopFolder

Exports

Exports

CreateProcessNotify
DFDWjava

Sections

.text
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6dae650262bfe473f06414f74bed3b13

Headers

File Characteristics

Imports

user32

dfsssscp

ole32

kernel32

advapi32

netapi32

shell32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 44KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 43KB - Virtual size: 44KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB