1d52d5f4acc4c793339b3d2db6a3256a390d257201e202cc8d979fc26ac27ca1

Sharing

Copy URL

Twitter E-mail

General

Target

1d52d5f4acc4c793339b3d2db6a3256a390d257201e202cc8d979fc26ac27ca1
Size

228KB
MD5

b6ce4efa0c856447f857bdb775b9fa80
SHA1

b392d28adacd79ddd63558db4b35c4b98be0270b
SHA256

1d52d5f4acc4c793339b3d2db6a3256a390d257201e202cc8d979fc26ac27ca1
SHA512

bb39dbad21529750deb2faf34d89f325dd9d5f6bada68d59d8341d8778ab0dd33baac73293d065386383117f7702276cd5e19c316c34fcfd7ef383a8d887c2ce
SSDEEP

3072:s721krnJBlkCBOtRfQco4T8iViWdWVlpdVsyS6DV1+Dh:22krnflkCBOtCpE4Vl6OyD

Score

N/A

Malware Config

Signatures

Files

1d52d5f4acc4c793339b3d2db6a3256a390d257201e202cc8d979fc26ac27ca1
.dll windows x86

d00e471ef1408152586c06825a971bee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CancelDC
CheckColorsInGamut
CreateCompatibleBitmap
CreatePalette
EndFormPage
EndPath
EngMultiByteToWideChar
EngPaint
EngWideCharToMultiByte
EnumFontFamiliesExA
ExtSelectClipRgn
GdiEntry16
GdiSetAttrs
GdiSetServerAttr
GetColorSpace
GetDCBrushColor
GetDeviceCaps
GetEnhMetaFilePaletteEntries
GetFontLanguageInfo
GetTextColor
GetTextMetricsA
InvertRgn
NamedEscape
OffsetViewportOrgEx
PlayMetaFile
STROBJ_bGetAdvanceWidths
STROBJ_vEnumStart
ScaleWindowExtEx
SetPixel
SetPixelFormat
SetTextColor
SetVirtualResolution
AngleArc
Chord
CreateDCW
Ellipse
EngQueryEMFInfo
EnumFontFamiliesW
GdiIsMetaFileDC
GdiPlayDCScript
GetTextFaceW
GetTransform
CloseFigure
CreateDiscardableBitmap
GdiAlphaBlend
GetClipBox
GetDeviceGammaRamp
HT_Get8BPPMaskPalette
SetMetaFileBitsEx

kernel32

AddAtomW
ClearCommError
CloseHandle
CompareFileTime
CreateDirectoryA
CreateEventA
CreateFileMappingW
CreateThread
DebugActiveProcess
DebugBreak
DeleteFileA
DisconnectNamedPipe
EnumDateFormatsExA
FatalAppExitW
FindCloseChangeNotification
FindFirstFileA
FindFirstVolumeW
FindNextFileA
FlushFileBuffers
FormatMessageA
FreeLibrary
GetCPInfoExW
GetConsoleAliasExesLengthA
GetCurrentDirectoryA
GetEnvironmentStringsA
GetFileAttributesA
GetFileType
GetLocalTime
GetLongPathNameW
GetModuleFileNameA
GetProcessHeap
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
GetWindowsDirectoryW
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadHugeReadPtr
IsBadStringPtrA
IsDBCSLeadByte
LocalAlloc
LocalFree
MapViewOfFile
MoveFileA
MoveFileExA
MultiByteToWideChar
QueueUserAPC
ReadConsoleOutputAttribute
ReadConsoleOutputCharacterA
ResetEvent
SetCurrentDirectoryA
SetEvent
SetFilePointer
SetFileTime
SetHandleCount
SetThreadLocale
SystemTimeToFileTime
TransactNamedPipe
UnlockFileEx
VerLanguageNameA
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
VirtualAlloc
AddConsoleAliasA
DeleteFileW
DeleteTimerQueueEx
DisableThreadLibraryCalls
DuplicateHandle
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
GetConsoleCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeProcess
GetFileTime
GetNamedPipeInfo
GetSystemPowerStatus
GetTempPathW
OpenWaitableTimerA
QueryPerformanceCounter
RemoveDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
SetSystemTimeAdjustment
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualProtectEx
WaitForMultipleObjects
lstrcmpW
CreateDirectoryExA
EraseTape
ExitProcess
HeapCreate
HeapDestroy
SetConsoleCursorInfo
SetConsoleTitleW
SetVolumeMountPointW
Sleep
lstrcpyW
DecodePointer
GetCommandLineA
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetLastError
GetCurrentThread
GetProcAddress
GetStringTypeW
IsDebuggerPresent
HeapFree
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringW
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapAlloc
HeapReAlloc
SetConsoleCtrlHandler
LoadLibraryW
GetLocaleInfoW
WriteFile
GetModuleFileNameW
RtlUnwind
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale

shell32

DragQueryFileW
ExtractAssociatedIconA
SHGetFolderLocation
SHGetSpecialFolderLocation
SHQueryRecycleBinA
WOWShellExecute
SHFileOperation
SHGetFileInfoA
SHGetPathFromIDListW
SHPathPrepareForWriteA

Exports

Exports

EPKDY

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d00e471ef1408152586c06825a971bee

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

shell32

Exports

Exports

Sections

.text Size: 149KB - Virtual size: 148KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 39KB - Virtual size: 48KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 149KB - Virtual size: 148KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 39KB - Virtual size: 48KB

.reloc
Size: 9KB - Virtual size: 8KB