6900727f7d2e2f8f2bca48012af648aa326df2e26d66f3c8f0086e50098fdd8b

Sharing

Copy URL Twitter E-mail

General

Target

6900727f7d2e2f8f2bca48012af648aa326df2e26d66f3c8f0086e50098fdd8b
Size

56KB
MD5

4d0945c7837ec3e1c2ac31ca4dbb7070
SHA1

b817e2b26e16f035d3edc30f48a9db092a38de25
SHA256

6900727f7d2e2f8f2bca48012af648aa326df2e26d66f3c8f0086e50098fdd8b
SHA512

f3a8570655aadf928b8c471faad686088843cc186f737f81a452495010db7d75da40683a72bcfb18d3780215e1900f2a186da5c56530fc79b6180b0454fcfe8a
SSDEEP

768:/yiPlFd6fCbOI198PGqs/c03XxJVv6F00p7Y/d018ViWSMMRU:/yYlBbN1rTJy00dXJRU

Score

N/A

Malware Config

Signatures

Files

6900727f7d2e2f8f2bca48012af648aa326df2e26d66f3c8f0086e50098fdd8b
.dll windows x86

a22843e7b17dcd7ea056f22bd0725907

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetLastError
lstrcmpiA
Process32Next
GetModuleFileNameA
FindNextFileA
CreateMutexA
CreateToolhelp32Snapshot
GetCurrentThreadId
CloseHandle
DeleteFileA
CreateThread
lstrcpyA
HeapSize
LCMapStringW
Module32First
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
WriteFile
HeapReAlloc
VirtualAlloc
HeapAlloc
IsValidCodePage
GetOEMCP
lstrcatA
ReadProcessMemory
TerminateProcess
Sleep
OpenProcess
GetCurrentProcess
lstrlenA
lstrcmpA
LCMapStringA
ExitProcess
GetACP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

TranslateMessage
GetWindowThreadProcessId
LoadCursorA
UpdateWindow
SetWindowTextA
keybd_event
GetMessageA
SetTimer
GetWindowRect
GetFocus
AttachThreadInput
LoadIconA
FindWindowExA
SetParent
SetFocus
SendMessageA
IsWindowVisible
GetForegroundWindow
GetAsyncKeyState
MapVirtualKeyA
MessageBoxA
CreateWindowExA
DefWindowProcA
ShowWindow
IsWindow
DispatchMessageA
RegisterClassA

gdi32

DeleteObject
CreateFontA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
LookupPrivilegeValueA
RegSetValueExA
OpenProcessToken
RegCloseKey

wininet

HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetConnectA
InternetCloseHandle

Exports

Exports

createDevice

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a22843e7b17dcd7ea056f22bd0725907

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 3KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 444B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 444B

.reloc
Size: 4KB - Virtual size: 3KB