General

Malware Config

Signatures

Files

• request_01-10_INV-165.zip

  .zip
• request_01-10_INV-165/CopyFolder_01-10.lnk

  .lnk
• request_01-10_INV-165/potyourueZ/disintoxicating.dat

  .dll windows x64

  69ee69fa9e738997af3eec5b9b8648e4

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  kernel32

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  DisableThreadLibraryCalls

  InitializeSListHead

  IsDebuggerPresent

  Exports

  Exports

  hT_Activate_Size

  hT_Add_Default_Modules

  hT_Add_Module

  hT_Angle_Diff

  hT_Atan2

  hT_Attach_File

  hT_Attach_Stream

  hT_Bitmap_Blend

  hT_Bitmap_Convert

  hT_Bitmap_Copy

  hT_Bitmap_Done

  hT_Bitmap_Embolden

  hT_Bitmap_Init

  hT_Bitmap_New

  hT_CeilFix

  hT_Cos

  hT_DivFix

  hT_Done_Face

  hT_Done_FreeType

  hT_Done_Glyph

  hT_Done_Library

  hT_Done_MM_Var

  hT_Done_Size

  hT_Face_CheckTrueTypePatents

  hT_Face_GetCharVariantIndex

  hT_Face_GetCharVariantIsDefault

  hT_Face_GetCharsOfVariant

  hT_Face_GetVariantSelectors

  hT_Face_GetVariantsOfChar

  hT_Face_Properties

  hT_Face_SetUnpatentedHinting

  hT_FloorFix

  hT_Get_Advance

  hT_Get_Advances

  hT_Get_CID_From_Glyph_Index

  hT_Get_CID_Is_Internally_CID_Keyed

  hT_Get_CID_Registry_Ordering_Supplement

  hT_Get_CMap_Format

  hT_Get_CMap_Language_ID

  hT_Get_Char_Index

  hT_Get_Charmap_Index

  hT_Get_Color_Glyph_ClipBox

  hT_Get_Color_Glyph_Layer

  hT_Get_Color_Glyph_Paint

  hT_Get_Colorline_Stops

  hT_Get_FSType_Flags

  hT_Get_First_Char

  hT_Get_Font_Format

  hT_Get_Gasp

  hT_Get_Glyph

  hT_Get_Glyph_Name

  hT_Get_Kerning

  hT_Get_MM_Blend_Coordinates

  hT_Get_MM_Var

  hT_Get_MM_WeightVector

  hT_Get_Module

  hT_Get_Multi_Master

  hT_Get_Name_Index

  hT_Get_Next_Char

  hT_Get_PS_Font_Info

  hT_Get_PS_Font_Private

  hT_Get_PS_Font_Value

  hT_Get_Paint

  hT_Get_Paint_Layers

  hT_Get_Postscript_Name

  hT_Get_Renderer

  hT_Get_Sfnt_LangTag

  hT_Get_Sfnt_Name

  hT_Get_Sfnt_Name_Count

  hT_Get_Sfnt_Table

  hT_Get_SubGlyph_Info

  hT_Get_Track_Kerning

  hT_Get_Transform

  hT_Get_TrueType_Engine_Type

  hT_Get_Var_Axis_Flags

  hT_Get_Var_Blend_Coordinates

  hT_Get_Var_Design_Coordinates

  hT_Get_X11_Font_Format

  hT_GlyphSlot_Embolden

  hT_GlyphSlot_Oblique

  hT_GlyphSlot_Own_Bitmap

  hT_Glyph_Copy

  hT_Glyph_Get_CBox

  hT_Glyph_Stroke

  hT_Glyph_StrokeBorder

  hT_Glyph_To_Bitmap

  hT_Glyph_Transform

  hT_Has_PS_Glyph_Names

  hT_Init_FreeType

  hT_Library_SetLcdFilter

  hT_Library_SetLcdFilterWeights

  hT_Library_SetLcdGeometry

  hT_Library_Version

  hT_List_Add

  hT_List_Finalize

  hT_List_Find

  hT_List_Insert

  hT_List_Iterate

  hT_List_Remove

  hT_List_Up

  hT_Load_Char

  hT_Load_Glyph

  hT_Load_Sfnt_Table

  hT_Matrix_Invert

  hT_Matrix_Multiply

  hT_MulDiv

  hT_MulFix

  hT_New_Face

  hT_New_Glyph

  hT_New_Library

  hT_New_Memory_Face

  hT_New_Size

  hT_Open_Face

  hT_Outline_Check

  hT_Outline_Copy

  hT_Outline_Decompose

  hT_Outline_Done

  hT_Outline_Embolden

  hT_Outline_EmboldenXY

  hT_Outline_GetInsideBorder

  hT_Outline_GetOutsideBorder

  hT_Outline_Get_BBox

  hT_Outline_Get_Bitmap

  hT_Outline_Get_CBox

  hT_Outline_Get_Orientation

  hT_Outline_New

  hT_Outline_Render

  hT_Outline_Reverse

  hT_Outline_Transform

  hT_Outline_Translate

  hT_Property_Get

  hT_Property_Set

  hT_Reference_Face

  hT_Reference_Library

  hT_Remove_Module

  hT_Render_Glyph

  hT_Request_Size

  hT_RoundFix

  hT_Select_Charmap

  hT_Select_Size

  hT_Set_Char_Size

  hT_Set_Charmap

  hT_Set_Debug_Hook

  hT_Set_Default_Log_Handler

  hT_Set_Default_Properties

  hT_Set_Log_Handler

  hT_Set_MM_Blend_Coordinates

  hT_Set_MM_Design_Coordinates

  hT_Set_MM_WeightVector

  hT_Set_Named_Instance

  hT_Set_Pixel_Sizes

  hT_Set_Renderer

  hT_Set_Transform

  hT_Set_Var_Blend_Coordinates

  hT_Set_Var_Design_Coordinates

  hT_Sfnt_Table_Info

  hT_Sin

  hT_Stroker_BeginSubPath

  hT_Stroker_ConicTo

  hT_Stroker_CubicTo

  hT_Stroker_Done

  hT_Stroker_EndSubPath

  hT_Stroker_Export

  hT_Stroker_ExportBorder

  hT_Stroker_GetBorderCounts

  hT_Stroker_GetCounts

  hT_Stroker_LineTo

  hT_Stroker_New

  hT_Stroker_ParseOutline

  hT_Stroker_Rewind

  hT_Stroker_Set

  hT_Tan

  hT_Trace_Set_Default_Level

  hT_Trace_Set_Level

  hT_Vector_From_Polar

  hT_Vector_Length

  hT_Vector_Polarize

  hT_Vector_Rotate

  hT_Vector_Transform

  hT_Vector_Unit

  hT_New_Context

  init

  Sections

  .text

  Size: 356KB - Virtual size: 355KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 136KB - Virtual size: 136KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 22KB - Virtual size: 21KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 16KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• request_01-10_INV-165/potyourueZ/oilgotyeph.cmd