bf1178f0142c434b90373605f99199b21843545826e03304a6a4eaf78899e42b

Sharing

Copy URL Twitter E-mail

General

Target

bf1178f0142c434b90373605f99199b21843545826e03304a6a4eaf78899e42b
Size

4.8MB
MD5

a35df6b91b7c4f4a17faf15e46ec21eb
SHA1

32fb1d656f750dd448c82cd46374a25afc56e151
SHA256

bf1178f0142c434b90373605f99199b21843545826e03304a6a4eaf78899e42b
SHA512

9ff721b0b0562edc6ec080f5dd637adda811cb55caccd43062308c6244ec16e393946b80412f153f4bbf964b9b93edc94c0b9f7d74c29a9fdbdd20515db7d22f
SSDEEP

98304:2g+AQSJUV+nTyf3jcPKIaCiblJnuvLnm5K0NY0E1T+vylpW+IKyKmslxXFIvppt:H6uTnm5rNvE1T+vi5IKNCpp

Score

N/A

Malware Config

Signatures

Files

bf1178f0142c434b90373605f99199b21843545826e03304a6a4eaf78899e42b
.dll windows x86

8c342e27c9d9f1ce856dddcb918f6baf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapFree
LoadLibraryA
GetProcAddress
GetModuleHandleA
ReadFile
GetLastError
DisableThreadLibraryCalls
WaitForSingleObject
GetTickCount
CloseHandle
HeapAlloc
GetModuleFileNameW
VirtualProtect
GetEnvironmentVariableW
GetTempPathW
LeaveCriticalSection
HeapReAlloc
ExitProcess
LocalFileTimeToFileTime
IsBadReadPtr
GetProcessHeap
FileTimeToLocalFileTime
GetCurrentProcess
EnterCriticalSection
ExitThread
DuplicateHandle
SetLastError
ResumeThread
SystemTimeToFileTime
VirtualFree
Sleep
VirtualAlloc
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
CreateFileW
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetStartupInfoW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
GetCurrentThreadId
InterlockedDecrement
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
WriteFile
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
WideCharToMultiByte
GetFileType

advapi32

RegQueryInfoKeyA
RegQueryValueExA
RegEnumKeyExW
RegCreateKeyA
RegEnumKeyExA
RegEnumKeyA
RegOpenKeyExA
RegEnumValueW
RegCreateKeyExW

user32

MessageBoxA
FindWindowA
GetMessageW
CheckMenuItem
AppendMenuW
EnumWindows
SendMessageA
RegisterClassExA
CreateWindowExW
RedrawWindow
RegisterWindowMessageA
SetFocus
SendMessageW
PostQuitMessage
DispatchMessageW
PeekMessageW
DispatchMessageA
GetDlgItem
TrackPopupMenu
SetWindowPos
PostMessageW
MsgWaitForMultipleObjects
UpdateWindow
CreatePopupMenu
DestroyWindow
GetWindowTextW
GetSystemMetrics
PeekMessageA
RegisterClassExW
SetForegroundWindow
CloseDesktop
GetLastInputInfo
RegisterWindowMessageW
LoadIconA

Exports

Exports

DllInstall
__apicall
_init
_uninstall
serv

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 413KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c342e27c9d9f1ce856dddcb918f6baf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 413KB - Virtual size: 412KB

.data Size: 3.3MB - Virtual size: 3.3MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 32KB - Virtual size: 32KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 413KB - Virtual size: 412KB

.data
Size: 3.3MB - Virtual size: 3.3MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 32KB - Virtual size: 32KB