501254c83b56679c110e5cc08e732e81f4973afa077834d496e12db4a7f1b897

Sharing

Copy URL Twitter E-mail

General

Target

501254c83b56679c110e5cc08e732e81f4973afa077834d496e12db4a7f1b897
Size

228KB
MD5

016cc6f8b6903a0582c5bd3fc1b06a20
SHA1

637bc53290e2c350bed943bfc2c750dd1fa82b55
SHA256

501254c83b56679c110e5cc08e732e81f4973afa077834d496e12db4a7f1b897
SHA512

185a9883868e0529f33d36f2b250693812607fd60c337cef50c6de9ba66ff808daf31a2c5ec78277d26b109fa806e908b83f2a5a61b2e8645e790952e855b26f
SSDEEP

3072:U6721krnJBlzT0dfQc9b8iViWdWVlpdVsySzV1pDh:L2krnflzT0UE4Vl6pD

Score

N/A

Malware Config

Signatures

Files

501254c83b56679c110e5cc08e732e81f4973afa077834d496e12db4a7f1b897
.dll windows x86

d00e471ef1408152586c06825a971bee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CancelDC
CheckColorsInGamut
CreateCompatibleBitmap
CreatePalette
EndFormPage
EndPath
EngMultiByteToWideChar
EngPaint
EngWideCharToMultiByte
EnumFontFamiliesExA
ExtSelectClipRgn
GdiEntry16
GdiSetAttrs
GdiSetServerAttr
GetColorSpace
GetDCBrushColor
GetDeviceCaps
GetEnhMetaFilePaletteEntries
GetFontLanguageInfo
GetTextColor
GetTextMetricsA
InvertRgn
NamedEscape
OffsetViewportOrgEx
PlayMetaFile
STROBJ_bGetAdvanceWidths
STROBJ_vEnumStart
ScaleWindowExtEx
SetPixel
SetPixelFormat
SetTextColor
SetVirtualResolution
AngleArc
Chord
CreateDCW
Ellipse
EngQueryEMFInfo
EnumFontFamiliesW
GdiIsMetaFileDC
GdiPlayDCScript
GetTextFaceW
GetTransform
CloseFigure
CreateDiscardableBitmap
GdiAlphaBlend
GetClipBox
GetDeviceGammaRamp
HT_Get8BPPMaskPalette
SetMetaFileBitsEx

kernel32

AddAtomW
ClearCommError
CloseHandle
CompareFileTime
CreateDirectoryA
CreateEventA
CreateFileMappingW
CreateThread
DebugActiveProcess
DebugBreak
DeleteFileA
DisconnectNamedPipe
EnumDateFormatsExA
FatalAppExitW
FindCloseChangeNotification
FindFirstFileA
FindFirstVolumeW
FindNextFileA
FlushFileBuffers
FormatMessageA
FreeLibrary
GetCPInfoExW
GetConsoleAliasExesLengthA
GetCurrentDirectoryA
GetEnvironmentStringsA
GetFileAttributesA
GetFileType
GetLocalTime
GetLongPathNameW
GetModuleFileNameA
GetProcessHeap
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
GetWindowsDirectoryW
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadHugeReadPtr
IsBadStringPtrA
IsDBCSLeadByte
LocalAlloc
LocalFree
MapViewOfFile
MoveFileA
MoveFileExA
MultiByteToWideChar
QueueUserAPC
ReadConsoleOutputAttribute
ReadConsoleOutputCharacterA
ResetEvent
SetCurrentDirectoryA
SetEvent
SetFilePointer
SetFileTime
SetHandleCount
SetThreadLocale
SystemTimeToFileTime
TransactNamedPipe
UnlockFileEx
VerLanguageNameA
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
VirtualAlloc
AddConsoleAliasA
DeleteFileW
DeleteTimerQueueEx
DisableThreadLibraryCalls
DuplicateHandle
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
GetConsoleCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeProcess
GetFileTime
GetNamedPipeInfo
GetSystemPowerStatus
GetTempPathW
OpenWaitableTimerA
QueryPerformanceCounter
RemoveDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
SetSystemTimeAdjustment
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualProtectEx
WaitForMultipleObjects
lstrcmpW
CreateDirectoryExA
EraseTape
ExitProcess
HeapCreate
HeapDestroy
SetConsoleCursorInfo
SetConsoleTitleW
SetVolumeMountPointW
Sleep
lstrcpyW
DecodePointer
GetCommandLineA
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetLastError
GetCurrentThread
GetProcAddress
GetStringTypeW
IsDebuggerPresent
HeapFree
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringW
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapAlloc
HeapReAlloc
SetConsoleCtrlHandler
LoadLibraryW
GetLocaleInfoW
WriteFile
GetModuleFileNameW
RtlUnwind
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale

shell32

DragQueryFileW
ExtractAssociatedIconA
SHGetFolderLocation
SHGetSpecialFolderLocation
SHQueryRecycleBinA
WOWShellExecute
SHFileOperation
SHGetFileInfoA
SHGetPathFromIDListW
SHPathPrepareForWriteA

Exports

Exports

HJDJYWFJMH

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d00e471ef1408152586c06825a971bee

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

shell32

Exports

Exports

Sections

.text Size: 149KB - Virtual size: 148KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 39KB - Virtual size: 48KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 149KB - Virtual size: 148KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 39KB - Virtual size: 48KB

.reloc
Size: 9KB - Virtual size: 8KB