19f90b17a6bcf1c80551ae576d0949d51df8b8e26437a3a8aa6d5d4d344440c4

Sharing

Copy URL

Twitter E-mail

General

Target

19f90b17a6bcf1c80551ae576d0949d51df8b8e26437a3a8aa6d5d4d344440c4
Size

634KB
MD5

c7492b61b4138459b9d45b085f3c79c0
SHA1

39b0ab8064f4e0d2e06775a8ef5dbc6a279db88f
SHA256

19f90b17a6bcf1c80551ae576d0949d51df8b8e26437a3a8aa6d5d4d344440c4
SHA512

7b22e4b582ed6ff974862caed5b90cb49437e793fd10b7fcff798edb645e5b5b0dee8690e7ba5c6e7526e9e51259037ec8489d26e1b03c7639780ad27da676ed
SSDEEP

12288:I/ZX472ylER7JyBC87Gnh3xtQU0Vug3hkIjxlmOUtGeCjA0KsrXf1r:8X472AER097Ghnf03yweCE0KQ

Score

N/A

Malware Config

Signatures

Files

19f90b17a6bcf1c80551ae576d0949d51df8b8e26437a3a8aa6d5d4d344440c4
.dll windows x86

c79d6e739deafe01017851b6a29e283c

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
VirtualProtectEx
CloseHandle
LoadLibraryA
Sleep
GetCurrentThreadId
WaitForSingleObject
RaiseException
DecodePointer
EncodePointer
ReadConsoleW
ReadFile
SetEndOfFile
SetFilePointerEx
SetStdHandle
CreateFileW
CreateThread
WaitForSingleObjectEx
WriteConsoleW
OutputDebugStringW
OutputDebugStringA
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
GetCommandLineW
GetCommandLineA
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
GetLastError
GetModuleFileNameW
InterlockedFlushSList
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapAlloc
HeapValidate
GetSystemInfo
GetModuleFileNameA
GetStringTypeW
GetACP
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
CompareStringW
LCMapStringW
GetEnvironmentVariableA

advapi32

SystemFunction036
CreateServiceA
SetSecurityDescriptorDacl
SetEntriesInAclA
AdjustTokenPrivileges
RegEnumKeyA
RegCloseKey
StartServiceCtrlDispatcherA
CloseServiceHandle
GetTokenInformation
RegOpenKeyExA
InitializeSecurityDescriptor
FreeSid
OpenProcessToken
RegSetValueExA
ControlService
DeleteService
RegisterServiceCtrlHandlerA
SetServiceStatus
LookupPrivilegeValueA
AllocateAndInitializeSid
RegQueryValueExA

mscms

CreateDeviceLinkProfile
GetColorProfileFromHandle
GetColorProfileElementTag
GetCountColorProfileElements
GetColorProfileHeader
SelectCMM
GetPS2ColorRenderingDictionary
GetPS2ColorSpaceArray
EnumColorProfilesA
InstallColorProfileA
CloseColorProfile
ConvertColorNameToIndex
IsColorProfileValid
GetNamedProfileInfo
DeleteColorTransform
DisassociateColorProfileFromDeviceA
GetStandardColorSpaceProfileA
CreateColorTransformA
RegisterCMMA
CreateProfileFromLogColorSpaceA
IsColorProfileTagPresent
SetColorProfileElement
GetPS2ColorRenderingIntent
OpenColorProfileA
GetColorProfileElement
ConvertIndexToColorName
GetColorDirectoryA
GetCMMInfo
CreateMultiProfileTransform

Sections

.text
Size: 361KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c79d6e739deafe01017851b6a29e283c

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

mscms

Sections

.text Size: 361KB - Virtual size: 360KB

.rdata Size: 201KB - Virtual size: 200KB

.data Size: 56KB - Virtual size: 155KB

.gfids Size: 512B - Virtual size: 216B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 361KB - Virtual size: 360KB

.rdata
Size: 201KB - Virtual size: 200KB

.data
Size: 56KB - Virtual size: 155KB

.gfids
Size: 512B - Virtual size: 216B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 12KB