KTEMain32[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

KTEMain32.dll
Size

116KB
MD5

d9e43fdcb1848c89f06f4bd9ea389f27
SHA1

70ec272e340360c8d66ac0cc4bef82426ba23cb5
SHA256

995d22ede53ba9243ea82ab6e166df240880759cc9160acc6a1ee9efb8db591c
SHA512

38eb0eb49129a42d17a244cdf1f167a0e1063a569356d9efcaf05353e16f69c5979e6915537506f6ea44a7d3c244ae0de27682629fbfaaf361d65a392c92866d
SSDEEP

3072:UMZJ2bqmmR2dFiCGYX6V66kwA39gfb5D5:UMZJR2dsC36xDb5D5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
KTEMain32.dll

Files

KTEMain32.dll
.dll windows:6 windows x86 arch:x86

af1d71d0dd22e314f4c1a138d42fc1a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
SetFileAttributesW
Sleep
TerminateThread
CreateThread
GetTickCount
EnterCriticalSection
WriteFile
LeaveCriticalSection
CloseHandle
GetCommandLineW
GetLastError
lstrlenW
GetModuleFileNameW
DeleteFileW
GetModuleHandleW
CreateEventA
WriteConsoleW
CreateFileW
HeapReAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
SetStdHandle
GetConsoleMode
GetConsoleOutputCP
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
HeapAlloc
HeapFree
LCMapStringW
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
FlushFileBuffers
DecodePointer

user32

ShowWindow
RegisterClassW
MessageBoxA
DefWindowProcW
CreateWindowExW

shell32

CommandLineToArgvW
SHCreateDirectoryExW

shlwapi

StrStrIW

Exports

Exports

DllCheckKey
DllEntry
DllLeftDays
DllPurchase
DllReadFlag
DllReadLicense
DllReadWebUrl
DllUpgradeEnd
DllWriteLicense
ShowModalWordWebWEx

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af1d71d0dd22e314f4c1a138d42fc1a1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 78KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 78KB - Virtual size: 78KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB