leet[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

leet.dll
Size

3.7MB
MD5

b73e3413164049075d985e8227e8739e
SHA1

46ad37ce8a627f3f8ade060c2de285afd58042ca
SHA256

45537209f12add9082ccddf1a6ff5d3a1106539c7d494fd6c3764296b1cad84c
SHA512

e3d9a9bed749e52aac1d20bd8050e6e68a2adab3aed47a194bbbc3b5bfdfa59da2e175e46fc41336bb957f93220ce1cbec0d36df22b2c53fb4ae474875afd710
SSDEEP

49152:j5Yoga774522LnIFt+aSbq17txyu7B7odfrultHgRVZ236xAEBGU:j6oN4522LnIf+aSu17vyu7Bqfr6grJB

Score

N/A

Malware Config

Signatures

Files

leet.dll
.dll windows x86

e8bfc0d6fa7acd46990384a4b8c96790

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetKnownFolderPath
ShellExecuteW

ole32

CoTaskMemFree

user32

ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
SetCursor
GetClientRect
ReleaseCapture
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
LoadCursorA
SetClipboardData
CallWindowProcW
ShowWindow
FindWindowW
FlashWindowEx
SetWindowLongW
GetKeyState
SetCursorPos
MessageBoxA

kernel32

InterlockedFlushSList
GetCommandLineA
CompareStringW
InitializeSListHead
CreateEventW
ResetEvent
SetEvent
CompareStringEx
LCMapStringEx
VirtualQuery
VirtualProtect
GetModuleHandleA
Sleep
CloseHandle
CreateThread
GetProcAddress
GetCurrentProcess
K32GetModuleInformation
GetModuleHandleW
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
LoadLibraryW
QueryPerformanceFrequency
QueryPerformanceCounter
VirtualFree
VirtualAlloc
HeapAlloc
HeapReAlloc
GetThreadContext
SetThreadContext
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
Thread32Next
OpenThread
SuspendThread
ResumeThread
HeapFree
FlushInstructionCache
HeapCreate
HeapDestroy
GetLastError
RaiseException
FreeLibrary
GetModuleFileNameA
GetModuleHandleExA
LoadLibraryExA
FormatMessageA
SetLastError
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
ExitProcess
GetModuleHandleExW
ReadFile
GetSystemTimeAsFileTime
GetTempPathW
DuplicateHandle
CreateProcessW
GetFileSizeEx
SetFilePointerEx
GetStdHandle
GetFileType
GetStartupInfoW
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetDateFormatW
GetTimeFormatW
GetCommandLineW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadConsoleW
GetTimeZoneInformation
DeleteFileW
MoveFileExW
GetFileAttributesExW
CreateFileW
GetExitCodeProcess
EncodePointer
DecodePointer
CreatePipe
SetStdHandle
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetProcessHeap
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetEndOfFile
HeapSize
GetModuleFileNameW
WriteConsoleW
LocalFree
CreateDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
SetFileInformationByHandle
AreFileApisANSI
GetFileInformationByHandleEx
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
WaitForSingleObjectEx

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 942KB - Virtual size: 942KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8bfc0d6fa7acd46990384a4b8c96790

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

user32

kernel32

imm32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 942KB - Virtual size: 942KB

.data Size: 18KB - Virtual size: 61KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 114KB - Virtual size: 113KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 942KB - Virtual size: 942KB

.data
Size: 18KB - Virtual size: 61KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 114KB - Virtual size: 113KB