c12c749cbb465484968bf99c46a51ce717620ddee2a5cd9b0168b104b604ba42

Sharing

Copy URL

Twitter E-mail

General

Target

c12c749cbb465484968bf99c46a51ce717620ddee2a5cd9b0168b104b604ba42
Size

247KB
MD5

8330bb88eea6599763e3cb09d03050fc
SHA1

8baf541a6ce53bd158465d366b04971f8cfd2332
SHA256

c12c749cbb465484968bf99c46a51ce717620ddee2a5cd9b0168b104b604ba42
SHA512

c60252ce3d512ce3acccef0754b1980c89968598cc513d87595bd92c7b94d4a75cb956848e5bba14d0dc8eeb4570a38ce60747a5e577800bbf620812e56d29d9
SSDEEP

6144:iHK7IWek55I/9MWV3pNFpv1FWefKD2umYPUL45o:aKe4K1pnF4eyD2nL45o

Score

N/A

Malware Config

Signatures

Files

c12c749cbb465484968bf99c46a51ce717620ddee2a5cd9b0168b104b604ba42
.dll windows x86

29e1205a489417c9ea1b36e0038e4156

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegSetValueExW
ControlTraceW
RegDeleteValueW
SetNamedSecurityInfoW
RegCloseKey
RegCreateKeyExW
CreatePrivateObjectSecurityEx
SystemFunction019
RegOpenKeyExW
GetSecurityDescriptorSacl
DestroyPrivateObjectSecurity
GetSecurityDescriptorDacl
SetPrivateObjectSecurity
GetNamedSecurityInfoW
RegOpenKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
OpenProcessToken
SetFileSecurityW
OpenThreadToken
SystemFunction036

kernel32

SetLastError
InitializeCriticalSectionAndSpinCount
ReadFile
GetProcAddress
SetFileAttributesW
GetVersionExW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTickCount
InterlockedIncrement
GetVersion
InterlockedExchange
GetCurrentThreadId
GetLastError
GetTimeFormatA
UnlockFileEx
GetModuleHandleW
GetModuleHandleA
SystemTimeToFileTime
GlobalMemoryStatus
GetCurrentThread
LockFileEx
LoadLibraryExW
GetSystemTime
VirtualFree
HeapAlloc
UnhandledExceptionFilter
LeaveCriticalSection
CopyFileW
HeapFree
FindFirstFileW
SetFilePointer
LocalFree
GetSystemDirectoryW
Sleep
ExitProcess
FreeLibrary
TerminateProcess
CreateFileW
CreateFileMappingW
FindClose
UnmapViewOfFile
InterlockedDecrement
InterlockedCompareExchange
LoadLibraryA
EnterCriticalSection
WriteFile
LoadLibraryW
DeleteFileW
RemoveDirectoryW
GetFileSize
CloseHandle
VirtualAlloc
GetCurrentProcess
GetWindowsDirectoryW
DeleteCriticalSection
MapViewOfFile
GetProcessHeap
QueryPerformanceCounter
GetFileAttributesW
CreateDirectoryW
GetDateFormatA
FlushFileBuffers
ExpandEnvironmentStringsW
FindNextFileW
SetEndOfFile
GetCurrentProcessId
OutputDebugStringA
InitializeCriticalSection
CallNamedPipeA
LocalAlloc
GetVersionExA
VirtualProtect

mscat32

CryptCATAdminEnumCatalogFromHash
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext

msvcrt

_initterm
_onexit
_exit
_controlfp
__getmainargs
exit
_unlock
_XcptFilter
_cexit
__initenv
fclose
_purecall
_amsg_exit
iswctype
fflush
_wfopen
memset
__setusermatherr
fread
__set_app_type
fprintf
memmove
_errno
__dllonexit
_lock
memcpy

ntdll

_wcsicmp
RtlUnwind
_ltow
wcsncmp
_vsnprintf
towlower
_wcsnicmp
atol
_vsnwprintf
wcsrchr

ole32

CoTaskMemFree
StgOpenStorageEx
StringFromIID
CoInitialize
PropVariantClear
StgOpenStorage
CoCreateInstance
CoUninitialize

rpcrt4

UuidCreate

shell32

SHExtractIconsW
CommandLineToArgvW

user32

GetKeyboardState
GetClassInfoExW
GetProcessWindowStation
WinHelpW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

oa
QcUq
Cb
Ps
eYK
EaT
YTUH
KMau
AXt
qOvQ
ANtN
ut
loAG
VJVd
Nxtg
xrl
QIn
Fe
WEiJ
doL
fge
jrGU
KT
fcq

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 217KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29e1205a489417c9ea1b36e0038e4156

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

mscat32

msvcrt

ntdll

ole32

rpcrt4

shell32

user32

version

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 1024B - Virtual size: 652B

.data Size: 217KB - Virtual size: 224KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 1024B - Virtual size: 652B

.data
Size: 217KB - Virtual size: 224KB

.reloc
Size: 1KB - Virtual size: 1KB