b66ca99e63f5001cf30443fe6f899e769193863029f7259062ddf7b08bfba6eb

General

Target

b66ca99e63f5001cf30443fe6f899e769193863029f7259062ddf7b08bfba6eb
Size

166KB
MD5

689197c896b5deaabd8d8e7b8d5381a2
SHA1

e1584f1433742611a77edcbfc59ab2e731d10e9f
SHA256

b66ca99e63f5001cf30443fe6f899e769193863029f7259062ddf7b08bfba6eb
SHA512

f4b959fedfd59f54baa09b214d98392d8a15c6b862b0f06cbf4f60024bf6b2f1d2646638ae5ca8c7b2b12fc9dc70bbc59ee48ea640e325daf8b50e0c4e034ca4
SSDEEP

3072:qV0ukZ67MNq2moImOTkr3Bis+Eorr0ixUmhHyQb2q8yAfk5Gceca:wqkmP7oP005yQLl51

Score

N/A

Malware Config

Signatures

Files

b66ca99e63f5001cf30443fe6f899e769193863029f7259062ddf7b08bfba6eb
.dll windows x86

9f8014414d43866745a1e89fbbc6eba2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetThreadContext
GetThreadPriority
InterlockedDecrement
InterlockedExchangeAdd
LoadLibraryA
OpenProcess
QueryInformationJobObject
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
VirtualProtect
WaitForMultipleObjects
WaitForSingleObject

shell32

SHGetFolderPathW
SHFormatDrive

wsock32

WSASetLastError
WSAGetLastError

msvcrt

__dllonexit
_adjust_fdiv
_beginthreadex
_endthreadex
_errno
_ftime
_initterm
_onexit
_setjmp3
_wcreat
calloc
exit
free
longjmp
malloc

Exports

Exports

ADeviceStartPlay
DeleteTempFile
FMissingCert
OpenFileStreamWithFlagsW
PVDecodeObject
PszSkipWhiteA

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f8014414d43866745a1e89fbbc6eba2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

wsock32

msvcrt

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 6KB - Virtual size: 5KB