General

Malware Config

Signatures

Files

• 184cbf7df459c6266184ad6f241c66805a4301aa198920465a6756ee073d6801

  .dll windows:6 windows x64

  5fe9f81aa80d4c7eb05495afad9a1b1f

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  Imports

  kernel32

  CloseHandle

  CreateProcessA

  CreateToolhelp32Snapshot

  GetCurrentProcess

  GetCurrentProcessId

  GetCurrentThreadId

  GetLastError

  GetModuleHandleA

  GetProcAddress

  GetProcessHeap

  GetSystemTimeAsFileTime

  HeapAlloc

  InitializeProcThreadAttributeList

  InitializeSListHead

  IsDebuggerPresent

  IsProcessorFeaturePresent

  OpenProcess

  Process32FirstW

  Process32NextW

  QueryPerformanceCounter

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  SetUnhandledExceptionFilter

  TerminateProcess

  UnhandledExceptionFilter

  UpdateProcThreadAttribute

  VirtualAllocEx

  WriteProcessMemory

  msvcp140

  ?_Xlength_error@std@@YAXPEBD@Z

  ?_Xout_of_range@std@@YAXPEBD@Z

  shlwapi

  StrStrIW

  vcruntime140

  _CxxThrowException

  __C_specific_handler

  __CxxFrameHandler3

  __std_exception_copy

  __std_exception_destroy

  __std_terminate

  __std_type_info_destroy_list

  memcpy

  memset

  api-ms-win-crt-stdio-l1-1-0

  __acrt_iob_func

  __stdio_common_vfprintf

  __stdio_common_vfscanf

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  free

  malloc

  api-ms-win-crt-runtime-l1-1-0

  _cexit

  _configure_narrow_argv

  _execute_onexit_table

  _initialize_narrow_environment

  _initialize_onexit_table

  _initterm

  _initterm_e

  _invalid_parameter_noinfo_noreturn

  _seh_filter_dll

  api-ms-win-crt-string-l1-1-0

  strlen

  Exports

  Exports

  AppVIsvSubsystems64_1

  Sections

  .text

  Size: 25KB - Virtual size: 24KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 263KB - Virtual size: 264KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 1024B - Virtual size: 1020B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .00cfg

  Size: 512B - Virtual size: 56B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .retplne

  Size: 512B - Virtual size: 140B

  .rsrc

  Size: 512B - Virtual size: 232B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 852B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ