9e65218c8131636db2b4025874b81beca9eed6f7e5e8e6f6309e7a33fd6090a7

Sharing

Copy URL Twitter E-mail

General

Target

9e65218c8131636db2b4025874b81beca9eed6f7e5e8e6f6309e7a33fd6090a7
Size

92KB
MD5

7591397c1a90e7aef1b5a591a1f8c34b
SHA1

8eee5b66559d73dc4aa942c8ea4868e78e9bea4f
SHA256

9e65218c8131636db2b4025874b81beca9eed6f7e5e8e6f6309e7a33fd6090a7
SHA512

bcf33bb1b53a70bcbfb06f693a6860cda1d1e9d32c0ae24b57a2cc364e496072abef88d5eeb673f6d73983fbde450bdaa27cd77c3bdc658ccfe11a051343d9d5
SSDEEP

1536:8W+y1jL3+ACWiyFtSBG5lZZ5+zhBaslHJddYb3q04b0C2J44Kb5KoTviWkgQ+13:wmHayn8G5YpVa3jC2J4KzWPN3

Score

N/A

Malware Config

Signatures

Files

9e65218c8131636db2b4025874b81beca9eed6f7e5e8e6f6309e7a33fd6090a7
.dll windows x86

05ee583876c966ec2b39ff06336a3af5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscat_s
_wtoi
iswdigit
iswxdigit
iswspace
wcscspn
_except_handler4_common
_amsg_exit
_initterm
free
malloc
_XcptFilter
qsort
memcpy
memset
??3@YAXPAX@Z

ntdll

EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceLoggerHandle
EtwGetTraceEnableLevel
EtwGetTraceEnableFlags
EtwTraceMessage
EtwEventRegister
EtwEventUnregister
EtwEventEnabled
EtwEventWrite

api-ms-win-core-localregistry-l1-1-0

RegGetValueW
RegQueryValueExW
RegOpenKeyExW
RegOpenCurrentUser
RegSetValueExW
RegCreateKeyExW
RegCloseKey

api-ms-win-core-processthreads-l1-1-0

OpenThreadToken
GetCurrentThread
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
OpenProcessToken
GetCurrentProcess

api-ms-win-security-base-l1-1-0

GetTokenInformation

kernel32

FreeLibrary
GetProcAddress
InterlockedCompareExchange
GetTickCount
GetSystemTimeAsFileTime
LoadLibraryExA
InterlockedExchange
QueryPerformanceCounter
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
ReadFile
SetFileAttributesW
CreateDirectoryW
FoldStringW
FormatMessageW
DelayLoadFailureHook
InitializeCriticalSectionAndSpinCount
LocalReAlloc
CloseHandle
SystemTimeToFileTime
GetLastError
GetSystemTime
DeleteCriticalSection
LocalAlloc
DisableThreadLibraryCalls
LeaveCriticalSection
LocalFree
EnterCriticalSection
Sleep
FlushFileBuffers
CreateFileW
DeleteFileW
SetFilePointer
CompareFileTime

Exports

Exports

DimsRoamEntry

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05ee583876c966ec2b39ff06336a3af5

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ntdll

api-ms-win-core-localregistry-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-security-base-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.data Size: 56KB - Virtual size: 57KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 28KB

.data
Size: 56KB - Virtual size: 57KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB