8763681ece0810377f33fd8166247887833d3022593b33a75152d0692f805d8b

Sharing

Copy URL Twitter E-mail

General

Target

8763681ece0810377f33fd8166247887833d3022593b33a75152d0692f805d8b
Size

4.8MB
MD5

6590a83dacb30f59d3b0f58f39a26ef7
SHA1

b27b28aacb3808d09fe91e0225bd3054fe4f99a0
SHA256

8763681ece0810377f33fd8166247887833d3022593b33a75152d0692f805d8b
SHA512

9798509b7b032cd33b077c8b4c9e5cc85853279c889d7ad4c5f9686a40e02e91e107332a186c7e1e0f7358eff4cd3e058214bb3435a374b96f021c567ea2375e
SSDEEP

98304:4toW5t0UDKGGDu2SyRff/buw4fdGQJXg5ty31wX1yXBeX702i2:Cl5kGGDVRff/buwCQ5Y3k1Ie5X

Score

N/A

Malware Config

Signatures

Files

8763681ece0810377f33fd8166247887833d3022593b33a75152d0692f805d8b
.dll windows x86

c5990be1084dabba6820125b7eadab59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress
SetLastError
ExitProcess
LocalFileTimeToFileTime
CreateFileA
InitializeCriticalSection
WaitForSingleObjectEx
CloseHandle
LoadLibraryA
IsBadWritePtr
GetTickCount
IsBadReadPtr
DisableThreadLibraryCalls
GetModuleFileNameW
VirtualProtect
GetTempPathW
GetEnvironmentVariableW
GetCurrentProcessId
HeapFree
HeapAlloc
GetProcessHeap
EnterCriticalSection
Sleep
HeapReAlloc
DeleteCriticalSection
WaitForSingleObject
ExitThread
VirtualFree
VirtualAlloc
GetLastError
GetCurrentThreadId
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
CreateFileW
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
WriteFile
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
GetModuleFileNameA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyA
RegQueryValueExW
RegOpenKeyW
RegQueryInfoKeyA
RegEnumKeyExW
RegCreateKeyW
RegCreateKeyExA

user32

GetWindowTextW
TranslateMessage
DispatchMessageA
GetDesktopWindow
CheckMenuItem
MsgWaitForMultipleObjects
GetCursorPos
UpdateWindow
FindWindowW
LoadIconW
GetMessageA
SetForegroundWindow
AppendMenuW
RegisterWindowMessageA
SendMessageA
RegisterClassExA
SetWindowPos
LoadIconA
GetSystemMetrics
PostMessageW
TrackPopupMenu
PostQuitMessage
RegisterClassExW
GetWindowTextA
CreateWindowExA
DefWindowProcW
SetFocus
RegisterWindowMessageW
PeekMessageW
ShowWindow
DestroyWindow

Exports

Exports

DllInstall
__apicall
_init
_uninstall
serv

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5990be1084dabba6820125b7eadab59

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 394KB - Virtual size: 394KB

.data Size: 3.3MB - Virtual size: 3.3MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 394KB - Virtual size: 394KB

.data
Size: 3.3MB - Virtual size: 3.3MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 29KB