763185f20dd5e7a7be6ed26a4ae6e155d03d31c37e5ebe4d4ba2d62036dd17a5

Sharing

Copy URL Twitter E-mail

General

Target

763185f20dd5e7a7be6ed26a4ae6e155d03d31c37e5ebe4d4ba2d62036dd17a5
Size

283KB
MD5

ff5775ce8090f2788e9b10ab66cc3fc0
SHA1

026b1851c61dc8f0334529a76446fd4705c11e2e
SHA256

763185f20dd5e7a7be6ed26a4ae6e155d03d31c37e5ebe4d4ba2d62036dd17a5
SHA512

57d7f45d8fb56228ca606e05248145d50510df60add01a5a04d6312ea88f009e9cff4e895badfd271d1ec4fd766a1a09ed18f4edfc8457832dacaac95f843268
SSDEEP

3072:k2ziZ9PtIWS1q5YkBW8jARCrZE10mPhtLpUA/Jg5Xclq+T/t9OMhEufEqA6BrT:kP9Ptqs5HBndEBht2A/S+b4yH

Score

N/A

Malware Config

Signatures

Files

763185f20dd5e7a7be6ed26a4ae6e155d03d31c37e5ebe4d4ba2d62036dd17a5
.dll windows x86

0620dcab14178fa9eba9ab19492b5ac1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
FindClose
FindNextFileW
FindFirstFileW
SetLastError
FlushInstructionCache
GetCurrentProcess
GetEnvironmentVariableW
GetVersion
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
GetLastError
InterlockedPushEntrySList
InterlockedCompareExchange
LeaveCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
MultiByteToWideChar
LCMapStringW
IsProcessorFeaturePresent
RtlUnwind
LoadLibraryW
HeapReAlloc
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
WriteFile
HeapAlloc
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
Sleep
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
HeapFree
GetCommandLineA
DecodePointer
GetCurrentThreadId
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
FreeLibrary
InterlockedExchange
lstrlenW
RaiseException
GetProcessHeap
GetModuleFileNameW

user32

GetParent
GetMonitorInfoW
MonitorFromWindow
GetWindowLongW
GetWindow
ScreenToClient
EnableWindow
DestroyIcon
EndDialog
GetClientRect
LoadCursorW
UnregisterClassA
IsWindowEnabled
GetActiveWindow
SetFocus
MapWindowPoints
GetWindowRect
ShowWindow
SendMessageW
SetWindowTextW
GetDlgItem
SetWindowLongW
DialogBoxParamW
DialogBoxIndirectParamW
SetWindowPos

shell32

SHGetFileInfoW

comctl32

ImageList_Duplicate
ImageList_Destroy
ImageList_ReplaceIcon

ole32

CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen
LoadRegTypeLi
LoadTypeLi
VariantInit
VariantClear

shlwapi

UrlCombineW

uxtheme

SetWindowTheme

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 252KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0620dcab14178fa9eba9ab19492b5ac1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

comctl32

ole32

oleaut32

shlwapi

uxtheme

Exports

Exports

Sections

.text Size: 252KB - Virtual size: 253KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 252KB - Virtual size: 253KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 10KB - Virtual size: 9KB