915f41dbb8a500f22f5aa346a0b6eff9db5fb6149b936968476ad585694688c5

Sharing

Copy URL

Twitter E-mail

General

Target

915f41dbb8a500f22f5aa346a0b6eff9db5fb6149b936968476ad585694688c5
Size

247KB
MD5

74331a4e15e793539dac268263c9c506
SHA1

8cfb65c9479cae8c8efdb303aced4d4ecd4dbc94
SHA256

915f41dbb8a500f22f5aa346a0b6eff9db5fb6149b936968476ad585694688c5
SHA512

fa77c86d902579494f13a4d8fb6d89ea8fb6dc8da677f3862667f5ffbd04ed34ff68cd0236d56d3bbcd8a632704ca110f558fa13b0723d789585cfe9efb447f8
SSDEEP

6144:VH0YIWek55I/9MWV3pNFpv1FWefKD2umYPUL45o:V0z4K1pnF4eyD2nL45o

Score

N/A

Malware Config

Signatures

Files

915f41dbb8a500f22f5aa346a0b6eff9db5fb6149b936968476ad585694688c5
.dll windows x86

f60b60cce68324ac2c86156cb1413792

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegSetValueExW
ControlTraceW
RegDeleteValueW
SetNamedSecurityInfoW
RegCloseKey
RegCreateKeyExW
CreatePrivateObjectSecurityEx
SystemFunction019
RegOpenKeyExW
GetSecurityDescriptorSacl
DestroyPrivateObjectSecurity
GetSecurityDescriptorDacl
SetPrivateObjectSecurity
GetNamedSecurityInfoW
RegOpenKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
OpenProcessToken
SetFileSecurityW
OpenThreadToken
SystemFunction036

kernel32

SetLastError
InitializeCriticalSectionAndSpinCount
ReadFile
GetProcAddress
SetFileAttributesA
GetVersionExW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTickCount
InterlockedIncrement
GetVersion
InterlockedExchange
GetCurrentThreadId
GetLastError
GetTimeFormatA
UnlockFileEx
GetModuleHandleW
GetModuleHandleA
SystemTimeToFileTime
GlobalMemoryStatus
GetCurrentThread
LockFileEx
LoadLibraryExW
GetSystemTime
VirtualFree
HeapAlloc
UnhandledExceptionFilter
LeaveCriticalSection
CopyFileW
HeapFree
FindFirstFileW
SetFilePointer
LocalFree
GetSystemDirectoryW
Sleep
ExitProcess
FreeLibrary
TerminateProcess
CreateFileW
CreateFileMappingW
FindClose
UnmapViewOfFile
InterlockedDecrement
InterlockedCompareExchange
LoadLibraryA
EnterCriticalSection
WriteFile
LoadLibraryW
DeleteFileW
RemoveDirectoryW
GetFileSize
CloseHandle
VirtualAlloc
GetCurrentProcess
GetWindowsDirectoryW
DeleteCriticalSection
MapViewOfFile
GetProcessHeap
QueryPerformanceCounter
GetFileAttributesW
CreateDirectoryW
GetDateFormatA
FlushFileBuffers
ExpandEnvironmentStringsW
FindNextFileW
SetEndOfFile
GetCurrentProcessId
OutputDebugStringA
InitializeCriticalSection
CallNamedPipeA
LocalAlloc
GetVersionExA
VirtualProtect

mscat32

CryptCATAdminEnumCatalogFromHash
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext

msvcrt

_initterm
_onexit
_exit
_controlfp
__getmainargs
exit
_unlock
_XcptFilter
_cexit
__initenv
fclose
_purecall
_amsg_exit
iswctype
fflush
_wfopen
memset
__setusermatherr
fread
__set_app_type
fprintf
memmove
_errno
__dllonexit
_lock
memcpy

ntdll

_wcsicmp
RtlUnwind
_ltow
wcsncmp
_vsnprintf
towlower
_wcsnicmp
atol
_vsnwprintf
wcsrchr

ole32

CoTaskMemFree
StgOpenStorageEx
StringFromIID
CoInitialize
PropVariantClear
StgOpenStorage
CoCreateInstance
CoUninitialize

rpcrt4

UuidCreate

shell32

SHExtractIconsW
CommandLineToArgvW

user32

GetKeyboardState
GetClassInfoExW
GetProcessWindowStation
WinHelpW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

oa
QcUq
Cb
Ps
eYK
EaT
YTUH
KMau
AXt
qOvQ
ANtN
ut
loAG
VJVd
Nxtg
xrl
QIn
Fe
WEiJ
doL
fge
jrGU
KT
fcq

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 217KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f60b60cce68324ac2c86156cb1413792

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

mscat32

msvcrt

ntdll

ole32

rpcrt4

shell32

user32

version

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 1024B - Virtual size: 652B

.data Size: 217KB - Virtual size: 224KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 1024B - Virtual size: 652B

.data
Size: 217KB - Virtual size: 224KB

.reloc
Size: 1KB - Virtual size: 1KB