d683f18e538a5d9adb016e450cfd7feb3efe81851f5063233440971aaf2db418

Sharing

Copy URL Twitter E-mail

General

Target

d683f18e538a5d9adb016e450cfd7feb3efe81851f5063233440971aaf2db418
Size

82KB
MD5

154513626638a1c5478953713daafe87
SHA1

a4a9f955ba0099bba6d6e2e05ae54259feb1ed95
SHA256

d683f18e538a5d9adb016e450cfd7feb3efe81851f5063233440971aaf2db418
SHA512

d5b2dfe774c56162f17f5f6e17d59f1605e379f599140655541a66b3476a8cc172b8962a4cd863279119cee3d53f62068d3645508463bf11b1c478515d1ae964
SSDEEP

1536:1G2z6gTVqJrYnw1hPf0hw77SRz0udUijGtK6z4eCSxYC1i:1G2OgTVq1F1hf5uZPFj23XCQN1

Score

N/A

Malware Config

Signatures

Files

d683f18e538a5d9adb016e450cfd7feb3efe81851f5063233440971aaf2db418
.dll windows x86

c5e267af0dcae020f34533cceae15eb5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

apcubdcz

_Mbrtowc
_Rteps
_Nan
_Strxfrm
_Stod
_Eps
_Xbig
_FSnan
_FInf
_LXbig
_LInf
_FXbig
_FExp
_Exp
_Strcoll
_Wcrtomb

ntdll

NtOpenEvent
NtReadFile
NtQueryValueKey
NtSuspendThread
NtQuerySystemTime
NtCreateTimer
NtWriteFile

kernel32

VirtualAlloc
FlushInstructionCache
CloseHandle
GlobalReAlloc
CreateFileW
GetCurrentThreadId
ExitThread
FindFirstFileA
lstrlenW
GetFileAttributesA
FreeLibrary
CloseHandle
GetVersionExA
UnmapViewOfFile
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
SetErrorMode
VirtualAlloc
GetStartupInfoA
VirtualProtect
FindResourceA
GetExitCodeThread
UnhandledExceptionFilter
GetLocalTime
CompareStringA
FreeResource
InitializeCriticalSection
FileTimeToLocalFileTime
GetModuleFileNameW
GetProcessAffinityMask

user32

GetDoubleClickTime
RegisterClipboardFormatW
RegisterClassW
GetCursor
WindowFromPoint
ScrollDC
ScreenToClient
DrawFocusRect
MapVirtualKeyW
GetFocus
GetCaretPos
GetUpdateRect
InvalidateRgn
DeferWindowPos
SetCaretPos
GetIconInfo
MonitorFromPoint
CreateWindowExW
GetCapture
EndDeferWindowPos
GetSystemMetrics
DestroyCaret
GetClientRect
UnhookWindowsHookEx
OpenClipboard
GetUpdateRgn
MonitorFromRect
GetCursorPos
MessageBoxW
ShowCaret
EnableMenuItem

gdi32

CreatePatternBrush
CreateBrushIndirect
CreateFontIndirectA
CreateSolidBrush
GetGlyphOutlineW
GetDeviceCaps
GetTextFaceA
EndPage
TextOutA
ExtTextOutA
GetStockObject
GetGlyphOutlineA

Exports

Exports

CreateProcessNotify
GetCatalogObject
ResetCallCount
GetGlobalBabyJITEnabled
ServerGetApplicationType
OpenComponentLibraryEx
SetActionLogFile
SetSilent
DestroyOverStructPool

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5e267af0dcae020f34533cceae15eb5

Headers

DLL Characteristics

File Characteristics

Imports

apcubdcz

ntdll

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 64KB

.data Size: 15KB - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 64KB

.data
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB