5ab4e4b2274121a4fcca53cba561bc20be425e80e2aa1ed7490efa2cb94f4e59

General

Target

5ab4e4b2274121a4fcca53cba561bc20be425e80e2aa1ed7490efa2cb94f4e59
Size

739KB
MD5

04eea8f6b9ce0dafc9479a1c2bcd34d6
SHA1

7cc143dda35c90ca401879a066e815b65a1592a0
SHA256

5ab4e4b2274121a4fcca53cba561bc20be425e80e2aa1ed7490efa2cb94f4e59
SHA512

ca6de25994b69faf101f5333fea1be46e3f17d3144f8357ffd1c493e85657d60b32281c155c65ca5624fe8b92e1fe985c1ccffe69fe3ff43c65bbbb368a2d34a
SSDEEP

12288:0jsUzfz0LLWlMUd4gqt+2hniu5vRnTCniBlYx84Qz+:pUrgLW6g4AS5vRnTCniBlYx84Qa

Score

N/A

Malware Config

Signatures

Files

5ab4e4b2274121a4fcca53cba561bc20be425e80e2aa1ed7490efa2cb94f4e59
.dll windows x86

f730eba2446db18b3c400c8e47911e9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringW
VirtualAlloc
VirtualFree
VirtualProtect
IsBadReadPtr
SetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
HeapAlloc
GetProcessHeap
HeapFree
GetLastError
HeapReAlloc
GetCurrentThreadId
DecodePointer
GetCommandLineA
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
HeapCreate
HeapDestroy
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetStringTypeW
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
HeapSize
LCMapStringW
MultiByteToWideChar
LoadLibraryW

Exports

Exports

GetHookAPIs
NotifyShims

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 677KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f730eba2446db18b3c400c8e47911e9a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 677KB - Virtual size: 2.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 677KB - Virtual size: 2.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 11KB