9a7887ceb464291b0939b9b4cd6f0fe8cab1cca3f28608d576943f01ebf5e6a9

Sharing

Copy URL Twitter E-mail

General

Target

9a7887ceb464291b0939b9b4cd6f0fe8cab1cca3f28608d576943f01ebf5e6a9
Size

629KB
MD5

b649b65b9b5def81da16bb0a577865ed
SHA1

d3415ccf68278db62a3b5d9b66a216a4cca4ed78
SHA256

9a7887ceb464291b0939b9b4cd6f0fe8cab1cca3f28608d576943f01ebf5e6a9
SHA512

c5f610ce0824be65b1b9c3b33ea4f3dbedb9812fc87b4561d815e868b1c03e50d3468f41e9cc1d9c4c0b6863db31ae40fb27b36c9ef48a5282249a6cfe167f12
SSDEEP

12288:b9nRBQ6eGC+rhDn4oPu4rcM1uiuZD+HEHqYWWCD+nCYSV4O6FUAWwzEJ8wMZaI:B7gGRNz4oPu4Y7ikS+qYpTeMFUrwzEJA

Score

N/A

Malware Config

Signatures

Files

9a7887ceb464291b0939b9b4cd6f0fe8cab1cca3f28608d576943f01ebf5e6a9
.zip
LPDragoon.dll
.dll windows x86

dd2444a00fd7b56fd9bcc5958a8c93cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
MapViewOfFile
UnmapViewOfFile
LocalAlloc
SetFileAttributesA
ExpandEnvironmentStringsA
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcessId
FindResourceA
LoadResource
SizeofResource
LockResource
FreeResource
WriteFile
GetTempPathA
GetTempFileNameA
OpenFileMappingA
GetVersionExA
DeleteCriticalSection
WaitForSingleObject
EnterCriticalSection
ReleaseMutex
LeaveCriticalSection
GetCurrentDirectoryA
GetSystemDirectoryA
CopyFileA
MoveFileExA
VirtualAlloc
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
VirtualFree
IsBadReadPtr
VirtualProtect
SetFilePointer
SetFileTime
ReadFile
CreateDirectoryA
LocalFileTimeToFileTime
VirtualQuery
CreateThread
InitializeCriticalSectionAndSpinCount
Sleep
RaiseException
GetCurrentThreadId
OutputDebugStringA
GetPrivateProfileSectionA
FindClose
FindNextFileA
FindFirstFileA
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
GetLocalTime
GetTickCount
GetModuleFileNameA
GetFileAttributesA
CreateFileA
DeleteFileA
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryA
TerminateProcess
CloseHandle
GetCurrentProcess
SetLastError
LocalFree
GetLastError
InitializeCriticalSection
CreateFileW
SetEndOfFile
LoadLibraryW
HeapSize
WriteConsoleW
FlushFileBuffers
SetStdHandle
GetStringTypeW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
IsProcessorFeaturePresent
GetModuleFileNameW
ExitProcess
GetStartupInfoW
GetSystemTimeAsFileTime
HeapReAlloc
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LCMapStringW
RtlUnwind
GetConsoleCP
GetConsoleMode
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
GetFileType
CompareStringW

advapi32

SetSecurityDescriptorDacl
GetLengthSid
InitializeSecurityDescriptor
ControlService
StartServiceA
DeleteService
OpenServiceA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
BuildExplicitAccessWithNameA
GetNamedSecurityInfoA
SetNamedSecurityInfoA
FreeSid
AddAccessAllowedAce
InitializeAcl
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueA
SetEntriesInAclA
OpenProcessToken
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoAddRefServerProcess
CoReleaseServerProcess
CoCreateInstance

shlwapi

SHDeleteKeyA
PathFileExistsA
PathAddBackslashA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd2444a00fd7b56fd9bcc5958a8c93cf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

shlwapi

version

Sections

.text Size: 129KB - Virtual size: 128KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 129KB - Virtual size: 128KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 12KB - Virtual size: 11KB