General

Malware Config

Signatures

Files

• 1470988e07b7e2606be93d87a0da0dacf1810d997c13d010240bea5eb898b26c

  .dll windows:6 windows x86 arch:x86

  af6f72d0251369ed602e3980c22edadf

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  commondatasetbase

  ?GetModuleDir@Environment@common@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAX@Z

  ?IsDirectory@File@common@@QBE_NXZ

  ?IsExist@File@common@@QBE_NXZ

  ??1File@common@@UAE@XZ

  ??0File@common@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?CopyLen@StringHelper@common@@YA_NPADIPBDZZ

  ?GUIDToString@GUIDHelper@common@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABUtag_GUID@2@@Z

  ?CreateGUID@GUIDHelper@common@@SA_NAAUtag_GUID@2@@Z

  ?IsValid@XmlNode@common@@QBE_NXZ

  ?GetNodeName@XmlNode@common@@QBEPBDXZ

  ?GetNextSibling@XmlNode@common@@QBE?AV12@XZ

  ?GetFirstChild@XmlNode@common@@QBE?AV12@XZ

  ?GetChildByName@XmlNode@common@@QBE?AV12@PBD@Z

  ?GetAttr@XmlNode@common@@QBEPADPBD@Z

  ?GetValue@XmlNode@common@@QBEPADXZ

  ?UTF8ToAnsi@StringHelper@common@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z

  ?GetNodeByName@XmlDoc@common@@QBE?AVXmlNode@2@PBD@Z

  ?LoadXml@XmlDoc@common@@QAE_NPBD@Z

  kernel32

  GetProcAddress

  FileTimeToDosDateTime

  FindFirstFileW

  FindClose

  FileTimeToLocalFileTime

  MultiByteToWideChar

  FreeLibrary

  LoadLibraryA

  DecodePointer

  IsDebuggerPresent

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  GetTickCount64

  DisableThreadLibraryCalls

  EncodePointer

  msvcp110

  ?_BADOFF@std@@3_JB

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UAEXXZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

  ?_Add_vtordisp2@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??0_Lockit@std@@QAE@H@Z

  ?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z

  ?_Orphan_all@_Container_base0@std@@QAEXXZ

  ?_Xlength_error@std@@YAXPBD@Z

  ?_Xout_of_range@std@@YAXPBD@Z

  ?_Xbad_alloc@std@@YAXXZ

  ?_Syserror_map@std@@YAPBDH@Z

  ?_Winerror_map@std@@YAPBDH@Z

  msvcr110

  _wmkdir

  _wremove

  _waccess

  ?what@exception@std@@UBEPBDXZ

  ??1exception@std@@UAE@XZ

  ??0exception@std@@QAE@ABQBD@Z

  tolower

  strtod

  ceil

  _strtoi64

  strtol

  _isnan

  rand

  srand

  ??_V@YAXPAX@Z

  ??0exception@std@@QAE@XZ

  _wassert

  ??8type_info@@QBE_NABV0@@Z

  __RTtypeid

  _lock

  _unlock

  _calloc_crt

  __dllonexit

  _onexit

  ??1type_info@@UAE@XZ

  _vsnprintf

  ?terminate@@YAXXZ

  __CppXcptFilter

  _amsg_exit

  _malloc_crt

  _initterm

  _initterm_e

  _crt_debugger_hook

  __crtUnhandledException

  __crtTerminateProcess

  _except_handler4_common

  __clean_type_info_names_internal

  memcpy

  floor

  _libm_sse2_sqrt_precise

  _libm_sse2_sin_precise

  _libm_sse2_pow_precise

  _libm_sse2_log10_precise

  realloc

  malloc

  free

  ??0exception@std@@QAE@ABV01@@Z

  memchr

  ??2@YAPAXI@Z

  ??3@YAXPAX@Z

  _purecall

  memmove

  _CIatan2

  _CxxThrowException

  __CxxFrameHandler3

  __RTDynamicCast

  _libm_sse2_asin_precise

  _libm_sse2_cos_precise

  memset

  Exports

  Exports

  CreateCommonAnalyzerInfoFactory

  CreateDataSetAnalyzerExecuteIntf

  CreateDataSetPartRangeStatExecuteIntf

  CreateDataSetStatExecuteIntf

  FreeAnalyzerExecuteObject

  FreeCommonAnalyzerInfoFactory

  Sections

  .text

  Size: 1.3MB - Virtual size: 1.3MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 186KB - Virtual size: 185KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 38KB - Virtual size: 41KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1024B - Virtual size: 872B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 99KB - Virtual size: 99KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ