67fd5ff5c45893c309e77cfcf04949441e3ee8f7d240d71a339ebd97f54cb234

Sharing

Copy URL

Twitter E-mail

General

Target

67fd5ff5c45893c309e77cfcf04949441e3ee8f7d240d71a339ebd97f54cb234
Size

251KB
MD5

3a1160c416c92e4dff5c5ec9e3e82338
SHA1

42515dd0eb4d87384b36cbac2f83f30bb8d291fd
SHA256

67fd5ff5c45893c309e77cfcf04949441e3ee8f7d240d71a339ebd97f54cb234
SHA512

d698c32df7f98b9a1a361f315578233ec30da75a89a7069c19c8cb82f0b56ae6decf88f71fc463236592afd2713529c9016301a94588c52a66c4584ae18a76e8
SSDEEP

6144:1JEMA7LCSK41tvfoKM4RLYIvAAZ7Evwd6g83qR:1Cb5daIv83qR

Score

N/A

Malware Config

Signatures

Files

67fd5ff5c45893c309e77cfcf04949441e3ee8f7d240d71a339ebd97f54cb234
.dll windows x86

7515fe48a606f00ce8c60e960952b16d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsnicmp
_ftol2
wcsrchr
_CxxThrowException
_XcptFilter
malloc
free
_initterm
_amsg_exit
_adjust_fdiv
_except_handler4_common
_unlock
wcsncpy_s
__dllonexit
_lock
_onexit
wcsncat_s
swprintf_s
wcschr
_ltow
_wtol
_itow_s
wcscat_s
_purecall
wcscpy_s
memset
memcpy
_wcsicmp

ntdll

RtlRunEncodeUnicodeString
RtlInitUnicodeString
RtlRunDecodeUnicodeString
RtlSecondsSince1970ToTime
RtlTimeToSecondsSince1970

activeds

ord17
ord15
ord18
ord23
ord22
ord21
ord16
ord7
ord14

ole32

CoCreateInstance
CoTaskMemFree
StringFromCLSID
CreatePointerMoniker
StringFromGUID2
CLSIDFromString
IIDFromString

advapi32

UnlockServiceDatabase
OpenServiceW
QueryServiceConfigW
OpenSCManagerW
CreateServiceW
CloseServiceHandle
GetSidIdentifierAuthority
GetSidSubAuthorityCount
ChangeServiceConfigW
GetLengthSid
RegConnectRegistryW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
SystemFunction041
LockServiceDatabase
QueryServiceStatus
StartServiceW
ControlService
LookupAccountNameW
EnumServicesStatusW
SystemFunction040
DeleteService
GetUserNameW
GetSidSubAuthority

winspool.drv

AddPrinterW
SetPrinterW
OpenPrinterW
EnumJobsW
SetJobW
ClosePrinter
GetPrinterW
EnumPrintersW
DeletePrinter
GetJobW

kernel32

InterlockedIncrement
GetLastError
SetLastError
SystemTimeToFileTime
GetSystemTime
CompareStringW
GetTickCount
FreeLibrary
DeleteCriticalSection
InterlockedDecrement
LocalFree
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
lstrlenW
InitializeCriticalSection
DisableThreadLibraryCalls
GetComputerNameW
SystemTimeToTzSpecificLocalTime
LoadLibraryW
GetSystemDirectoryW
GetProcAddress
FileTimeToSystemTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FormatMessageW
FileTimeToDosDateTime
DosDateTimeToFileTime
RaiseException
GetModuleHandleW

oleaut32

VariantCopy
VariantTimeToDosDateTime
DosDateTimeToVariantTime
VariantInit
VariantClear
DispGetIDsOfNames
LoadRegTypeLi
DispInvoke
SetErrorInfo
VariantTimeToSystemTime
SysFreeString
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
CreateErrorInfo
SystemTimeToVariantTime

netapi32

NetUserDel
I_NetNameCompare
NetFileEnum
NetFileGetInfo
NetShareEnum
NetShareAdd
NetShareGetInfo
NetShareDel
NetShareSetInfo
NetLocalGroupAdd
NetGroupGetUsers
NetGroupEnum
NetLocalGroupEnum
NetGetDCName
NetGetAnyDCName
NetWkstaGetInfo
NetUseGetInfo
NetWkstaUserGetInfo
NetLocalGroupGetMembers
NetSessionDel
NetGroupDel
NetSessionEnum
NetSessionGetInfo
NetServerSetInfo
NetLocalGroupGetInfo
NetGroupAdd
NetGroupDelUser
NetGroupAddUser
NetLocalGroupAddMembers
NetLocalGroupDelMembers
DsRoleGetPrimaryDomainInformation
DsRoleFreeMemory
NetUserGetLocalGroups
NetUserGetGroups
NetGroupGetInfo
NetUserChangePassword
NetUserAdd
NetServerGetInfo
NetLocalGroupSetInfo
NetGroupSetInfo
NetUserGetInfo
NetUserSetInfo
NetQueryDisplayInformation
NetUserModalsGet
NetUserModalsSet
NetApiBufferFree
NetServerEnum
NetLocalGroupDel

mpr

WNetCancelConnection2W
WNetAddConnection2W

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7515fe48a606f00ce8c60e960952b16d

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ntdll

activeds

ole32

advapi32

winspool.drv

kernel32

oleaut32

netapi32

mpr

Exports

Exports

Sections

.text Size: 207KB - Virtual size: 206KB

.data Size: 31KB - Virtual size: 30KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 207KB - Virtual size: 206KB

.data
Size: 31KB - Virtual size: 30KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 10KB