General

Malware Config

Signatures

Files

• 0922c54fe24fccc64e6dcda11c409c631341280e714b3a68adb245b92dab6296

  .dll windows x86

  27a887f035db9016fd69549e323cf12a

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  shlwapi

  PathFindFileNameA

  kernel32

  TerminateProcess

  GetCurrentProcess

  LoadLibraryA

  GetProcAddress

  CreateProcessA

  VirtualAlloc

  WaitForSingleObject

  CreateThread

  GetModuleFileNameA

  MoveFileA

  DisableThreadLibraryCalls

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  IsDebuggerPresent

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  vcruntime140

  _except_handler4_common

  memset

  __std_type_info_destroy_list

  api-ms-win-crt-runtime-l1-1-0

  _seh_filter_dll

  _initterm_e

  _initterm

  _execute_onexit_table

  exit

  _cexit

  _initialize_onexit_table

  _initialize_narrow_environment

  _configure_narrow_argv

  api-ms-win-crt-string-l1-1-0

  strcat_s

  Exports

  Exports

  GetSessionId

  GetXXXCode

  SyncReportAction

  SyncReportActionV2

  Sections

  .text

  Size: 18KB - Virtual size: 18KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 46KB - Virtual size: 46KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 448B - Virtual size: 408B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ