omstoolbar[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

omstoolbar.dll
Size

299KB
MD5

dc5f0dce8c3cc3661f6c1395559fdad0
SHA1

2b5791152c3247c45c8645bf31325af6be63adc2
SHA256

d641acc224fc21c3e45b160ccad1e51724100b0de94ae38798f186edac81a621
SHA512

d8ac0dfb631ea24fb108aa748c227c272f0ad7b23130748671df5e8f60beb9899370c37b8e5ddfe3e43e2d8602184a5da8337d9949e77ffcee3c5d8dc50ddf69
SSDEEP

6144:++rYKtCH21i8AxCJ84c0qrlpU+wz57k9y/o:+CY2LeC+4OlpJy/

Score

1^/10

Malware Config

Signatures

Files

omstoolbar.dll
.dll windows x86

69652a6e6fb3f6b151883b1105e1ced9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc120

ord10088
ord3253
ord3256
ord13541
ord6098
ord6971
ord6408
ord460
ord3117
ord3354
ord3353
ord4041
ord10302
ord11218
ord10844
ord8878
ord1106
ord11990
ord9048
ord2716
ord13537
ord6096
ord11949
ord7002
ord6439
ord514
ord3127
ord8240
ord4927
ord4928
ord6008
ord12274
ord1741
ord5813
ord13485
ord13494
ord5818
ord13492
ord5817
ord2513
ord4443
ord11252
ord5834
ord8671
ord9188
ord1146
ord8054
ord9051
ord11621
ord11616
ord5253
ord11995
ord3792
ord4535
ord11920
ord9075
ord11899
ord11317
ord10234
ord9139
ord9259
ord10342
ord10570
ord7042
ord9264
ord10572
ord7039
ord6476
ord558
ord3144
ord7546
ord11924
ord8242
ord3889
ord11998
ord1742
ord11618
ord5835
ord11623
ord3783
ord9141
ord9262
ord7178
ord6615
ord811
ord3175
ord3304
ord1338
ord10752
ord11933
ord5329
ord8577
ord3379
ord3380
ord7839
ord12758
ord2858
ord10261
ord9049
ord7182
ord813
ord1342
ord8315
ord1820
ord12480
ord5483
ord6064
ord11798
ord11799
ord13244
ord2580
ord2607
ord4127
ord4157
ord4199
ord4233
ord4203
ord3791
ord8182
ord12271
ord3888
ord8828
ord11989
ord11916
ord11896
ord14351
ord13760
ord6977
ord471
ord3121
ord8018
ord5317
ord1113
ord2591
ord4062
ord11577
ord9892
ord7353
ord7177
ord6614
ord810
ord3174
ord12288
ord2128
ord8617
ord997
ord13914
ord1047
ord8188
ord12038
ord7508
ord6007
ord6937
ord6374
ord3100
ord4170
ord8585
ord2946
ord3821
ord1065
ord8966
ord1645
ord5005
ord8327
ord14228
ord12374
ord14098
ord2963
ord305
ord5801
ord2950
ord3796
ord4690
ord14194
ord14188
ord12734
ord500
ord11782
ord5765
ord12165
ord14379
ord2838
ord1137
ord5548
ord887
ord1384
ord8614
ord5303
ord6177
ord8658
ord2818
ord12605
ord11285
ord2302
ord4061
ord8017
ord9135
ord11740
ord6972
ord461
ord3118
ord1107
ord13538
ord7349
ord4628
ord13908
ord14009
ord12037
ord12069
ord8062
ord8055
ord5797
ord3801
ord6729
ord990
ord6226
ord14441
ord6227
ord14442
ord6225
ord14440
ord7848
ord12345
ord14240
ord11802
ord11803
ord1985
ord7789
ord12759
ord4039
ord4100
ord9234
ord14366
ord7770
ord14368
ord12355
ord12356
ord2442
ord5241
ord8167
ord7845
ord4537
ord12677
ord12740
ord10264
ord12065
ord8229
ord1463
ord7507
ord8311
ord6053
ord3188
ord4798
ord14151
ord9252
ord3903
ord9536
ord6930
ord6367
ord3098
ord4167
ord1061
ord8964
ord980
ord1980
ord14320
ord1453
ord13083
ord971
ord13058
ord1442
ord12874
ord7297
ord1467
ord2162
ord8554
ord14182
ord9213
ord5761
ord324
ord2199
ord1177
ord12503
ord1646
ord8346
ord551
ord6469
ord12961
ord1348
ord1838
ord12555
ord821
ord6626
ord1406
ord4618
ord12454
ord1959
ord12556
ord926
ord6679
ord1634
ord8600
ord12577
ord2157
ord7188
ord7459
ord7366
ord7369
ord7360
ord7348
ord7458
ord1451
ord5018
ord5705
ord2898
ord8317
ord3212
ord979
ord2250
ord2256
ord2168
ord2209
ord4827
ord8587
ord4175
ord5833
ord2482
ord4826
ord3881
ord6484
ord7047
ord1166
ord3818
ord3135
ord540
ord12882
ord1103
ord4119
ord4596
ord8208
ord8652
ord5101
ord12834
ord13900
ord13904
ord12831
ord13889
ord8720
ord13892
ord13479
ord13826
ord13094
ord13090
ord12899
ord12897
ord12898
ord12907
ord12679
ord12765
ord3813
ord450
ord12392
ord12372
ord13559
ord2717
ord10118
ord10120
ord10119
ord10117
ord10121
ord5536
ord11546
ord11547
ord8977
ord11907
ord3787
ord3782
ord11756
ord14361
ord8803
ord6844
ord10567
ord11455
ord9303
ord10831
ord9094
ord3217
ord13658
ord12077
ord12075
ord1706
ord1718
ord1726
ord1722
ord1731
ord4863
ord4904
ord4871
ord4883
ord4879
ord4875
ord4912
ord4900
ord4867
ord4916
ord4889
ord4851
ord4858
ord4893
ord4450
ord5672
ord9528
ord4442
ord3008
ord14369
ord7771
ord14367
ord6745
ord11538
ord12840
ord13488
ord5814
ord7540
ord2638
ord11942
ord3890
ord3321
ord3322
ord3216
ord11986
ord5206
ord4091
ord364
ord5136
ord5433
ord5643
ord9186
ord5409
ord5646
ord5139
ord5295
ord5119
ord5840
ord7574
ord7575
ord7565
ord5293
ord8064
ord10083
ord9047
ord4829
ord3910
ord3908
ord2480
ord1465
ord992
ord1063
ord362
ord4597
ord7948
ord4519
ord3841
ord6686
ord13062
ord2476
ord4822
ord6405
ord6363
ord6436
ord6366
ord895
ord6669
ord3831
ord3906
ord2478
ord6443
ord1405
ord12453
ord7896
ord2425
ord13057
ord13742
ord925
ord6678
ord14430
ord12219
ord14377
ord12162
ord1040
ord286
ord4764
ord8204
ord8599
ord12697
ord4613
ord4612
ord2944
ord1688
ord1691
ord1687

msvcr120

__clean_type_info_names_internal
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_except_handler4_common
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
vsprintf_s
ldiv
_CxxThrowException
memcpy
atoi
_memicmp
sscanf_s
_mbscmp
memset
__RTDynamicCast
__CxxFrameHandler3
malloc
free
memmove_s
memcpy_s
_recalloc

kernel32

OutputDebugStringW
GetVersionExA
FreeResource
LoadResource
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
LocalAlloc
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
GetPrivateProfileStringA
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
DecodePointer
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryA
FormatMessageA
MulDiv
GlobalDeleteAtom
LocalFree
GetProcAddress
GetModuleHandleA
FreeLibrary
GetTickCount
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
GetEnvironmentVariableA
GetCPInfo
WideCharToMultiByte
MultiByteToWideChar
FindResourceA
lstrlenA
lstrcmpiA
LockResource
GetVersion

user32

DestroyMenu
SetRectEmpty
GetWindowTextA
BringWindowToTop
IsWindowVisible
PostMessageA
UnregisterClassA
LoadCursorA
GetWindow
GetDCEx
ReleaseCapture
SetCapture
EndDeferWindowPos
BeginDeferWindowPos
CharUpperA
PtInRect
InvalidateRect
GetIconInfo
LoadBitmapA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetClassNameA
GetParent
SetWindowLongA
GetWindowLongA
IsRectEmpty
OffsetRect
IntersectRect
InflateRect
DrawFocusRect
ClientToScreen
GetCursorPos
MessageBoxA
GetWindowRect
GetClientRect
RemovePropA
GetPropA
SetPropA
RedrawWindow
GetWindowDC
WindowFromDC
DrawStateA
MenuItemFromPoint
GetMenuItemRect
GetMenuDefaultItem
SetMenuInfo
GetMenuInfo
DrawEdge
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
LoadMenuA
EnableWindow
KillTimer
SetTimer
GetFocus
SetWindowPos
IsChild
IsMenu
IsWindow
CallWindowProcA
SendMessageA
GetMessagePos
RegisterWindowMessageA
GetClipboardFormatNameA
wsprintfA
SystemParametersInfoA
DrawIconEx
DestroyIcon
LoadBitmapW
GetDesktopWindow
CopyRect
SetRect
FillRect
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetMenuItemInfoA
DeleteMenu
RemoveMenu
ModifyMenuA
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
CreatePopupMenu
CreateMenu
GetMenuState
GetSystemMetrics
CharLowerA

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
CreateHatchBrush
GetBkColor
GetDIBColorTable
StretchBlt
UnrealizeObject
SetBrushOrgEx
SelectClipRgn
RoundRect
GetNearestColor
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
CombineRgn
ExtTextOutA
TextOutA
GetObjectA
CreateDIBSection
SetPixel
SelectObject
Rectangle
RectVisible
PtVisible
PatBlt
GetTextExtentPoint32W
GetTextExtentPoint32A
GetPixel
GetDeviceCaps
GetBkMode
Escape
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreatePen
BitBlt

msimg32

TransparentBlt
AlphaBlend

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

comctl32

ImageList_Replace
ImageList_Add
ImageList_GetIconSize
_TrackMouseEvent
ImageList_AddMasked
ImageList_Draw
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_GetIcon

oleaut32

SysFreeString

gdiplus

GdiplusShutdown

Exports

Exports

DeleteInferface
GetInferface

Sections

.text
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69652a6e6fb3f6b151883b1105e1ced9

Headers

DLL Characteristics

File Characteristics

Imports

mfc120

msvcr120

kernel32

user32

gdi32

msimg32

advapi32

comctl32

oleaut32

gdiplus

Exports

Exports

Sections

.text Size: 215KB - Virtual size: 215KB

.rdata Size: 54KB - Virtual size: 54KB

.data Size: 3KB - Virtual size: 5KB

.shared Size: 512B - Virtual size: 4B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 215KB - Virtual size: 215KB

.rdata
Size: 54KB - Virtual size: 54KB

.data
Size: 3KB - Virtual size: 5KB

.shared
Size: 512B - Virtual size: 4B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 22KB - Virtual size: 22KB