86d8260ede7abe9750905f33119ae91bcff8bcecf7fc79877c64a2f149b9f73c

Sharing

Copy URL Twitter E-mail

General

Target

86d8260ede7abe9750905f33119ae91bcff8bcecf7fc79877c64a2f149b9f73c
Size

138KB
MD5

639c856065e603cbdc9d9359ee38a800
SHA1

78a3ec47dc67d2f6444c0df9d054db265f83c2f0
SHA256

86d8260ede7abe9750905f33119ae91bcff8bcecf7fc79877c64a2f149b9f73c
SHA512

7a22dab69d370aadd2fcc751faf56acf82aff258a6677c80a6c72be409fc8bf714ac3724d1f142ae922f8279d5aa70fb0524590cfcd6cd134090b01ade8b04d2
SSDEEP

3072:2iJ1YtK+9CTDG58FiajbgwrNHOKOow/dD3d3cbupygS90w+0JOZekIBCaGgS:2xloPGuiaQy5AdubX82/

Score

N/A

Malware Config

Signatures

Files

86d8260ede7abe9750905f33119ae91bcff8bcecf7fc79877c64a2f149b9f73c
.dll windows x86

38915e7c4b4e5007fd336716c8820b0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSizeEx
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
FindNextFileW
LoadLibraryW
LoadResource
LockResource
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
RtlUnwind
SetThreadLocale
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpiW
lstrlenW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
CreateFileW
LoadLibraryExW
CreateFileMappingW

user32

CharNextW
UnregisterClassA

ntdll

memcpy
memmove
memset
wcstoul
_wcsicmp
_vsnwprintf
_vsnprintf
RtlInitUnicodeString
RtlFreeHeap
RtlAllocateHeap
NtQueryValueKey

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

msvcrt

calloc
_unlock
_purecall
_onexit
_lock
_initterm
_errno
free
_amsg_exit
__set_app_type
__p__fmode
__dllonexit
__CxxFrameHandler
_XcptFilter
_CxxThrowException
malloc
printf
_callnewh
realloc

userenv

ForceSyncFgPolicy
RsopResetPolicySettingStatus

shell32

ShellHookProc
SHGetSettings
WOWShellExecute
DragAcceptFiles
SHUpdateRecycleBinIcon
SHLoadInProc

advapi32

GetTraceEnableLevel
GetTraceLoggerHandle
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceEnableFlags

Exports

Exports

ADeviceGetCaps
AShutDown
CreateDataObject
CreateTempFileStream
HrCreatePhonebookEntry
UpdateRebarBandColors

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38915e7c4b4e5007fd336716c8820b0d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ntdll

version

msvcrt

userenv

shell32

advapi32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 64KB - Virtual size: 64KB

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 64KB - Virtual size: 64KB

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 16KB - Virtual size: 15KB