General

Malware Config

Signatures

Files

• ae97252af977c7e64b2eeca6140e129e

  .dll windows:6 windows x86 arch:x86

  49c4814f9659cba3f787457752949e56

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetDateFormatW

  LoadResource

  CreateProcessW

  QueryPerformanceCounter

  GetModuleHandleW

  OpenProcess

  GetSystemDirectoryW

  SizeofResource

  GetVersionExW

  CreateFileW

  GetCurrentDirectoryW

  VirtualProtect

  GetWindowsDirectoryW

  GetSystemTime

  ReadConsoleW

  WriteConsoleW

  SetStdHandle

  OutputDebugStringW

  LoadLibraryExW

  HeapReAlloc

  SetFilePointerEx

  ReadFile

  GetConsoleMode

  GetConsoleCP

  FlushFileBuffers

  CloseHandle

  GetModuleFileNameW

  WriteFile

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  GetModuleFileNameA

  GetFileType

  GetStdHandle

  HeapSize

  GetModuleHandleExW

  ExitProcess

  GetProcessHeap

  GetOEMCP

  GetACP

  IsValidCodePage

  IsDebuggerPresent

  EnumSystemLocalesW

  GetUserDefaultLCID

  IsValidLocale

  GetLocaleInfoW

  LCMapStringW

  GetProcAddress

  GetStartupInfoW

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  TerminateProcess

  GetCurrentProcess

  Sleep

  InitializeCriticalSectionAndSpinCount

  SetLastError

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  IsProcessorFeaturePresent

  WideCharToMultiByte

  EncodePointer

  DecodePointer

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  MultiByteToWideChar

  GetStringTypeW

  GetLastError

  HeapFree

  GetCommandLineA

  GetCurrentThreadId

  GetCPInfo

  RaiseException

  RtlUnwind

  HeapAlloc

  user32

  DefWindowProcA

  GetSysColorBrush

  CreatePopupMenu

  EndDialog

  ReleaseDC

  GetWindowLongW

  CreateDialogIndirectParamW

  OffsetRect

  LoadIconW

  GetForegroundWindow

  CloseClipboard

  GetMessageW

  DialogBoxIndirectParamW

  CallNextHookEx

  WindowFromPoint

  GetClientRect

  EnumWindows

  GetClassInfoExA

  GetWindowRect

  ole32

  CoRegisterClassObject

  CoTaskMemAlloc

  CoTaskMemFree

  CoInitialize

  CoRegisterSurrogate

  CoUninitialize

  dbghelp

  UnmapDebugInformation

  SymRegisterFunctionEntryCallback

  SymUnDName64

  SymLoadModule

  SymMatchFileName

  SymRegisterCallback64

  SymRegisterCallback

  SymRegisterFunctionEntryCallback64

  SymSetOptions

  EnumerateLoadedModules64

  SymInitialize

  SymLoadModule64

  SymMatchString

  SymUnDName

  UnDecorateSymbolName

  SymSetContext

  SymSetSearchPath

  SymUnloadModule

  SymUnloadModule64

  imagehlp

  TouchFileTimes

  BindImageEx

  CheckSumMappedFile

  UnMapAndLoad

  BindImage

  UpdateDebugInfoFile

  UpdateDebugInfoFileEx

  loadperf

  LoadPerfCounterTextStringsW

  UpdatePerfNameFilesW

  Exports

  Exports

  Broughtcaught

  Racehot

  Strange

  Sections

  .text

  Size: 231KB - Virtual size: 231KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 295KB - Virtual size: 294KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 7KB - Virtual size: 620KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ