1a6370881ba5a75cc2c44a3373444a78366399bcc89c939d43e5c2409fcfb2de

Sharing

Copy URL Twitter E-mail

General

Target

1a6370881ba5a75cc2c44a3373444a78366399bcc89c939d43e5c2409fcfb2de
Size

143KB
MD5

c73cc089096874919ae5e343d642e510
SHA1

7de9a2492e8559b894a76c63b986a4ca9fb2bb0c
SHA256

1a6370881ba5a75cc2c44a3373444a78366399bcc89c939d43e5c2409fcfb2de
SHA512

dd4911e8f8e775628b140bc01e291b57b851171675cfdec6e4f4e81ca5d94694cc65c960bddbbd41301b604fda5e41df0011b2cf0220befb17fc367c4a940d1d
SSDEEP

3072:4Uz+XU61j+nHpRQllVxeKBnmKhsNUN/5r/7GlWCcFHrN7O:4UzwU6VAe0KBnXKC5r/7Gz8LN7

Score

N/A

Malware Config

Signatures

Files

1a6370881ba5a75cc2c44a3373444a78366399bcc89c939d43e5c2409fcfb2de
.dll windows x86

4027aeb0390381283f42f9840d7eb59f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
LoadLibraryExW
CreateFileMappingW
WriteFile
GetLastError
OutputDebugStringA
GetSystemWindowsDirectoryW
Sleep
GetLocalTime
ExitProcess
GetProcAddress
lstrcpyA
DeleteFileA
InitializeCriticalSection
CreateIoCompletionPort
GetProcessHeap
LeaveCriticalSection
GlobalFree
FindFirstFileA
GetModuleHandleA
LoadLibraryW
LCMapStringA
EnumDateFormatsA
GetModuleFileNameW
VirtualProtect
CreateJobObjectA
VerifyVersionInfoW
MultiByteToWideChar
GetSystemInfo
HeapReAlloc
SystemTimeToFileTime
VirtualAlloc
FindClose
OutputDebugStringW
WriteConsoleW
ExitThread

msvcrt

wcstol
atoi
strncpy
strxfrm
memset
_wcsnicmp
memcpy
_wcsicmp
wcsncpy
strcmp
printf
_XcptFilter
wcstok
swscanf
__CxxFrameHandler
toupper
__setusermatherr
wcsrchr
_wtoi
_wcmdln
towupper
wcscmp

user32

SetCapture
UnregisterClassA
wsprintfW
IsWindow
CopyRect
DispatchMessageW
ReleaseDC
DialogBoxParamA
UnregisterClassW
SendMessageW
MapWindowPoints
CheckDlgButton
LoadMenuW
LoadImageW
DestroyWindow
ReleaseCapture
BeginPaint
GetCursorPos
GetMenuItemCount
RegisterClassA
LoadCursorW
LoadCursorA
SetScrollPos
ClientToScreen
ScreenToClient
GetParent
GetProcessWindowStation
SendMessageA

gdi32

SetBkMode
RestoreDC
SetTextColor
Rectangle
CreateBitmap
CreateFontIndirectW
StretchBlt
TranslateCharsetInfo
PatBlt
CreateCompatibleDC

opengl32

wglShareLists
glTexCoord2dv
glTexCoord2d
glFogfv
GlmfBeginGlsBlock
glColor4i
glColor4f
glColor3ui
glStencilMask
glColor4d

Exports

Exports

HlaOqoekLbhykz
UuyRghkiMnnqKebc
RyTwasKqvnkTsktjnRef
WjkZlmniYyckcDkzdwy
KffmypVi
SxxkzGenvgmZkrxDs

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4027aeb0390381283f42f9840d7eb59f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.reloc Size: 512B - Virtual size: 296B

.crt Size: 512B - Virtual size: 72B

.rdata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 115B

.data Size: 59KB - Virtual size: 58KB

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 14KB - Virtual size: 13KB

.reloc
Size: 512B - Virtual size: 296B

.crt
Size: 512B - Virtual size: 72B

.rdata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 115B

.data
Size: 59KB - Virtual size: 58KB

.rsrc
Size: 64KB - Virtual size: 64KB