General

Malware Config

Signatures

Files

• b5c00903aa332df4946749702f39dbf9

  .dll regsvr32 windows:6 windows x86 arch:x86

  36d18f8cb3bee16af0421e6a936157a8

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  winmm

  mciSendCommandW

  joyGetNumDevs

  joyGetPosEx

  timeGetTime

  waveOutPrepareHeader

  waveOutOpen

  waveOutUnprepareHeader

  waveOutReset

  waveOutWrite

  waveOutClose

  timeEndPeriod

  timeBeginPeriod

  joyGetDevCapsW

  wsock32

  socket

  gethostbyname

  bind

  sendto

  setsockopt

  ntohs

  htons

  WSAGetLastError

  select

  ioctlsocket

  recvfrom

  WSAStartup

  inet_ntoa

  closesocket

  kernel32

  RaiseException

  SetEnvironmentVariableW

  SetEndOfFile

  CreateFileW

  HeapSize

  LCMapStringW

  CompareStringW

  GetStringTypeW

  SetEnvironmentVariableA

  WriteConsoleW

  SetStdHandle

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCurrentProcessId

  QueryPerformanceCounter

  GetModuleFileNameA

  GetCurrentDirectoryW

  CreateDirectoryW

  FindNextFileW

  FindFirstFileExW

  GetTimeZoneInformation

  DeleteFileW

  WriteConsoleInputW

  MapViewOfFile

  UnmapViewOfFile

  SetConsoleScreenBufferSize

  SetEvent

  GetLargestConsoleWindowSize

  GetStdHandle

  GetConsoleScreenBufferInfo

  CreateEventW

  SetConsoleWindowInfo

  WaitForMultipleObjects

  CloseHandle

  ReadConsoleOutputCharacterW

  VirtualFree

  GetLastError

  VirtualAlloc

  FreeLibrary

  GlobalLock

  GlobalAlloc

  LoadLibraryW

  GlobalUnlock

  GetProcAddress

  GlobalFree

  ExitProcess

  GetNativeSystemInfo

  GetDriveTypeW

  AllocConsole

  GetNumberOfConsoleInputEvents

  SetErrorMode

  HeapAlloc

  GlobalSize

  HeapFree

  GetProcessHeap

  IsBadReadPtr

  WriteFile

  Sleep

  FreeConsole

  GetVersionExW

  SetLastError

  LoadLibraryA

  VirtualProtect

  ReadConsoleInputW

  OutputDebugStringW

  GetModuleFileNameW

  FlushFileBuffers

  GetCPInfo

  GetOEMCP

  GetACP

  IsValidCodePage

  SetFilePointerEx

  MoveFileExW

  GetConsoleCP

  DeleteCriticalSection

  GetFileType

  GetModuleHandleW

  GetStartupInfoW

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  TerminateProcess

  GetCurrentProcess

  InitializeCriticalSectionAndSpinCount

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  ReadConsoleW

  GetConsoleMode

  LeaveCriticalSection

  IsDebuggerPresent

  IsProcessorFeaturePresent

  AreFileApisANSI

  MultiByteToWideChar

  ReadFile

  RtlUnwind

  GetSystemTimeAsFileTime

  EncodePointer

  DecodePointer

  CreateThread

  GetCurrentThreadId

  ExitThread

  LoadLibraryExW

  SystemTimeToTzSpecificLocalTime

  FileTimeToSystemTime

  FindClose

  GetFullPathNameA

  HeapReAlloc

  GetModuleHandleExW

  WideCharToMultiByte

  GetCommandLineA

  EnterCriticalSection

  user32

  RegisterWindowMessageW

  GetWindowLongW

  SetWindowLongW

  AdjustWindowRect

  UnregisterHotKey

  RegisterHotKey

  DefWindowProcW

  MoveWindow

  CloseClipboard

  GetMessageW

  SetForegroundWindow

  TranslateMessage

  MessageBoxA

  GetClipboardData

  PeekMessageW

  ShowWindow

  OpenClipboard

  DispatchMessageW

  MessageBoxW

  GetWindowRect

  SetCapture

  ShowCursor

  SetCursorPos

  SystemParametersInfoW

  GetCursorPos

  ClipCursor

  GetSystemMetrics

  ReleaseCapture

  Exports

  Exports

  DllRegisterServer

  Sections

  .text

  Size: 465KB - Virtual size: 465KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 62KB - Virtual size: 61KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 56KB - Virtual size: 7.2MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 136KB - Virtual size: 136KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 36KB - Virtual size: 36KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ