2nd-payload[.]bin[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

2nd-payload.bin.dll
Size

248KB
MD5

3ebfd3e6d5d784a7fef7032b4d1a82fe
SHA1

cb4875231e231158f462ed2ba0ef2f0b15d24645
SHA256

cb3b67a980ba921625ecdf082d518c73a9f80ce1b2d4f428b6e950b20a9688bb
SHA512

e2fe751aab23d308751fc50e83c59721118d829032d9a0a6acda51ca6b96e6124281e10e12b7c7262349166a252c318f7a832220209edfd32e5b2f79c48eaf5f
SSDEEP

3072:WkYlN6Rbs4dOVb3rfeYVNhwZ5gdjMdMm1Z05k5Pryy7NXQ5VWe/y/hMM694JycnH:YOFEVGYVXogd6Mm1qWRcshMMEQBn

Score

N/A

Malware Config

Signatures

Files

2nd-payload.bin.dll
.dll regsvr32 windows x86

9b7a3496c1996bc3e714e5002dad5350

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
RaiseException
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
VirtualAlloc
HeapReAlloc
HeapSize
HeapAlloc
CloseHandle
SetThreadPriority
ResumeThread
CreateThread
WaitForSingleObject
CreateMutexW
GetConsoleMode
GetModuleHandleW
GetSystemTimeAsFileTime
Sleep
InterlockedIncrement
InterlockedDecrement
GetProcAddress
ExitProcess
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
HeapValidate
IsBadReadPtr
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
GetModuleFileNameA
WriteFile
GetStdHandle
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
GetModuleHandleA

user32

EndPaint
BeginPaint
DefWindowProcW
DestroyWindow
SetWindowTextW
GetClientRect
UpdateWindow
SendMessageW
GetMenu
SetTimer
GetDC
CreateWindowExW
EnableMenuItem
CheckMenuItem
GetSubMenu
RegisterClassExW
LoadCursorW
LoadIconW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
LoadStringW
MessageBoxA
ShowWindow
MessageBoxW
CreateDialogParamW
EndDialog
DialogBoxParamW
PostQuitMessage
SendDlgItemMessageW

gdi32

CreateSolidBrush
SetROP2
GetROP2
BitBlt
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
SetBkMode
Ellipse
SelectObject
CreateHatchBrush

Exports

Exports

DllRegisterServer

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b7a3496c1996bc3e714e5002dad5350

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 5KB - Virtual size: 22KB

.rsrc Size: 52KB - Virtual size: 52KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 5KB - Virtual size: 22KB

.rsrc
Size: 52KB - Virtual size: 52KB

.reloc
Size: 14KB - Virtual size: 14KB