d226c99e9bc6a828927219aa1be52eaa9e0b2ead749b2cc92cde8eb145725add

Sharing

Copy URL

Twitter E-mail

General

Target

d226c99e9bc6a828927219aa1be52eaa9e0b2ead749b2cc92cde8eb145725add
Size

447KB
MD5

66f6540c01e1be01cb78879eff8b219f
SHA1

2cb6c156da4b09ecb4913ef08ca533b3b21b9404
SHA256

d226c99e9bc6a828927219aa1be52eaa9e0b2ead749b2cc92cde8eb145725add
SHA512

9ab83331a81c28aed641b2aefe55942c01f5572f5d05fe9f9beaafaa9a8e3a9a9905a30e284145e77eba506a5446be684f724e56e6406eaf2c76314a2e6bf737
SSDEEP

6144:VL9/cggP/6CEZ9pC7dEmv5woTewAAFbS1XJ0nQKk8i2vRbeRi+mEH+ELLe+5h//K:V5/i8CJEmvDTbSxJmOr7+EXe++ZOg

Score

N/A

Malware Config

Signatures

Files

d226c99e9bc6a828927219aa1be52eaa9e0b2ead749b2cc92cde8eb145725add
.dll windows x86

f9fcc81626febf9189c63399d737523a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EqualRect
FillRect
IsCharLowerA
LoadAcceleratorsA
LoadBitmapA
LoadCursorFromFileA
LoadImageA
MessageBeep
OemToCharBuffA
PostMessageA
SendMessageA
UpdateWindow
EmptyClipboard
EndDialog

version

GetFileVersionInfoW
VerFindFileW
VerInstallFileW
VerQueryValueW
GetFileVersionInfoA

kernel32

WinExec
VerLanguageNameW
VerLanguageNameA
UnlockFileEx
TerminateProcess
SetLastError
SetFilePointer
SetCurrentDirectoryA
SetCommState
SetCommMask
SetCommBreak
SearchPathA
ReplaceFileA
QueryPerformanceFrequency
DeleteFileA
DuplicateHandle
EnumDateFormatsW
EnumResourceLanguagesW
ExitProcess
FindFirstFileExA
FindFirstVolumeW
FindResourceW
FlushFileBuffers
GetCommandLineA
GetCurrentThreadId
GetDefaultCommConfigW
GetFileSize
GetLastError
GetLocalTime
GetProcAddress
GetTapePosition
GetThreadLocale
GetTickCount
GetVersionExW
HeapAlloc
IsBadReadPtr
IsBadStringPtrA
IsDBCSLeadByte
ProcessIdToSessionId

ntdll

RtlUpcaseUnicodeStringToOemString
RtlxOemStringToUnicodeSize
ZwAccessCheck
ZwCompleteConnectPort
ZwCreateIoCompletion
RtlTimeToElapsedTimeFields
RtlStringFromGUID
RtlSetInformationAcl
RtlSetCurrentDirectory_U
RtlResetRtlTranslations
RtlNtStatusToDosError
RtlMultiByteToUnicodeN
RtlLargeIntegerShiftLeft
RtlIsNameLegalDOS8Dot3
RtlInsertElementGenericTable
RtlInitAnsiString
RtlImpersonateSelf
RtlEqualDomainName
RtlDelete
RtlCreateUserProcess
NtGetWriteWatch
NtMapUserPhysicalPagesScatter
NtPowerInformation
NtPrivilegeObjectAuditAlarm
NtQueryPerformanceCounter
NtSetHighEventPair
RtlTraceDatabaseFind

userenv

CreateEnvironmentBlock
RegisterGPNotification
GetAppliedGPOListW
FreeGPOListW
ExpandEnvironmentStringsForUserW
EnterCriticalPolicySection

Exports

Exports

AslbmbmhQDrYnkTcMg
CvdVdvizmbilz
CvvZwqiqpqilwsJmNup
RczevmuTzo
UpkIPpjqlr
YhujHaryub
cPQ
dfT
doJiqduTouYnitgkf
ghfronm
nagwjaamtudgojb
njqoucNmb
oQoDihDyfiNvkztNc
shxlvFeotguk
usaH
wDufiriYjjthmMXoxz
xbprAhjkqjgvHKjhmk
zsygxgkhhspmulOzga

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 362KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9fcc81626febf9189c63399d737523a

Headers

DLL Characteristics

File Characteristics

Imports

user32

version

kernel32

ntdll

userenv

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 362KB - Virtual size: 667KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 362KB - Virtual size: 667KB

.rsrc
Size: 26KB - Virtual size: 26KB