76785c078627e30150f73a4720d8a362068bf02e9ddb5fe87b17c99c2278df41

Sharing

Copy URL Twitter E-mail

General

Target

76785c078627e30150f73a4720d8a362068bf02e9ddb5fe87b17c99c2278df41
Size

4.6MB
MD5

4f379d275ce88788ff648312ee4caf50
SHA1

2219bccb06926f3bd4b9a47f78474b38c698dd3b
SHA256

76785c078627e30150f73a4720d8a362068bf02e9ddb5fe87b17c99c2278df41
SHA512

08f623fe4a00c6e2a45f0e0b59b0c63bf4ee111043f08b44a34f0904a1df735623d322ca409b5b6e4e9cb58600cd7ef969287b75585cb41182af9a31c4566b6d
SSDEEP

98304:3Io1GNDL/jaCpnOpJYwMuDn8hY80zeArKicYlm5YNsGXi:4UGh7aCdOpjJdBlx

Score

N/A

Malware Config

Signatures

Files

76785c078627e30150f73a4720d8a362068bf02e9ddb5fe87b17c99c2278df41
.dll windows x86

80271a4c916003ff145708c9cfe99a8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcAddress
GetLastError
GetTickCount
LeaveCriticalSection
FileTimeToSystemTime
HeapReAlloc
ExitProcess
GetModuleHandleA
GetCurrentThread
GetModuleFileNameW
VirtualProtect
GetTempPathW
GetEnvironmentVariableW
LoadLibraryA
HeapFree
HeapAlloc
GetProcessHeap
EnterCriticalSection
DeleteCriticalSection
Sleep
DuplicateHandle
GetLocalTime
VirtualFree
InitializeCriticalSection
VirtualAlloc
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
CloseHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
GetCurrentThreadId
InterlockedDecrement
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
WriteFile
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
SetLastError
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueW
RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegEnumKeyExA
RegOpenKeyW
RegQueryInfoKeyA
RegQueryValueExW
RegCreateKeyW

user32

BringWindowToTop
PostMessageA
CreateWindowExA
CheckMenuItem
RegisterWindowMessageW
RegisterClassExA
SendMessageA
GetWindowTextA
RegisterClassExW
SendMessageW
GetWindowTextW
PostQuitMessage
GetWindowRect
RegisterWindowMessageA
LoadIconW
MsgWaitForMultipleObjects
FindWindowW
SetWindowPos
RedrawWindow
SetForegroundWindow
MessageBoxA
UpdateWindow
GetMessageA
TrackPopupMenu
LoadIconA
GetParent
DestroyWindow
GetSystemMetrics
GetCursorPos
GetMessageW
SetFocus
DispatchMessageA

Exports

Exports

DllInstall
__apicall
_init
_uninstall
serv

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80271a4c916003ff145708c9cfe99a8b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 262KB - Virtual size: 262KB

.data Size: 3.2MB - Virtual size: 3.2MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 30KB - Virtual size: 29KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 262KB - Virtual size: 262KB

.data
Size: 3.2MB - Virtual size: 3.2MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 30KB - Virtual size: 29KB