ca4214e15181e52923f713771455f5709e4baa13626cad85b735734cf66d36db

General

Target

ca4214e15181e52923f713771455f5709e4baa13626cad85b735734cf66d36db
Size

281KB
MD5

f3362eae787c09d8061194591dee0727
SHA1

cc5fe51c5b35dcef50b5adfc730b1354ae124bab
SHA256

ca4214e15181e52923f713771455f5709e4baa13626cad85b735734cf66d36db
SHA512

e0ba969db9b0c217c25246695186b53734a4e502765f73d018f91480cc2120fe2472c3a9931bbee998660afd558c54a79b81a80ab32ae59115107084ab7d0de0
SSDEEP

6144:PF/rJ0E6z+/69xtM009DyitzjjqesTLuBxr4Xe3bj99FjQkOA:prB/6J/09lXj2kxraeX5QkOA

Score

N/A

Malware Config

Signatures

Files

ca4214e15181e52923f713771455f5709e4baa13626cad85b735734cf66d36db
.dll windows x86

33187e648a5c96bb739b0fda003be1d2

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetExplicitEntriesFromAclW
LsaEnumeratePrivilegesOfAccount
ChangeServiceConfig2A

crypt32

CertGetNameStringW

kernel32

GetSystemTimeAsFileTime
CreateFileMappingW
GetLastError
GetCurrentProcessId
IsDebuggerPresent
GetCurrentProcess
GetCommandLineW
MapViewOfFile
OpenFileMappingW
GetFileSize
QueryPerformanceCounter
GlobalFree
GetProcAddress
UnmapViewOfFile
GetModuleHandleA
OutputDebugStringW
GetTickCount
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryA
CreateFileW
FreeLibrary
ConvertFiberToThread
IsProcessorFeaturePresent
lstrlenA
CloseHandle
GetModuleHandleW
GetModuleFileNameW
GetCurrentThreadId
GetProcessShutdownParameters
VirtualProtect

shell32

SHBrowseForFolderW
DragQueryFileAorW
ShellExecuteW
SHGetSpecialFolderLocation
CommandLineToArgvW

user32

CopyRect
wsprintfW
WINNLSEnableIME
SetScrollPos
SendNotifyMessageW

Exports

Exports

BaJ
keUo
norT
Fm
XhF
HjG
kHR
haun
EMv
IKk
Ap

Sections

.text
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33187e648a5c96bb739b0fda003be1d2

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

crypt32

kernel32

shell32

user32

Exports

Exports

Sections

.text Size: 270KB - Virtual size: 269KB

.data Size: 5KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 270KB - Virtual size: 269KB

.data
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB