058ce66e9056d1c480dca60cdd9fd26295d79f43c123d190f86df654b58d3780

Sharing

Copy URL

Twitter E-mail

General

Target

058ce66e9056d1c480dca60cdd9fd26295d79f43c123d190f86df654b58d3780
Size

576KB
MD5

8f738a7381504430a708006466b9f065
SHA1

784e1a0840827c287e39ec91b8e5dd8f11ce12ad
SHA256

058ce66e9056d1c480dca60cdd9fd26295d79f43c123d190f86df654b58d3780
SHA512

8abb366e9f2adc46b9b4d58dc2824247bd2a6447c0958bab903d167bfcdd340c94c5281c3de89c476399752b8cfb995e88d685fcae589d467ce3f9dd1020206e
SSDEEP

12288:CU2pihk9jgVk/iCvl55OnTpnJMogQWMLF3QcnyeCQc:opl9j+kZONJ3gooxQc

Score

N/A

Malware Config

Signatures

Files

058ce66e9056d1c480dca60cdd9fd26295d79f43c123d190f86df654b58d3780
.dll windows x86

cf7865fb5e09e78f534cbc0ca39b974f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

QueryServiceStatus
OpenThreadToken
OpenServiceA
OpenSCManagerA
LookupPrivilegeValueW
GetTokenInformation
DeleteService
CreateServiceA
SetServiceStatus
SetSecurityDescriptorDacl
SetEntriesInAclA
RegisterServiceCtrlHandlerA
RegSetValueExA
RegEnumKeyA
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
OpenProcessToken
FreeSid
AllocateAndInitializeSid
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetLocaleInfoA
GetCommandLineA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
InterlockedDecrement
SetLastError
FindFirstChangeNotificationA
GetEnvironmentVariableA
GetModuleFileNameA
Sleep
VirtualProtectEx
GetVersion
FileTimeToLocalFileTime
CreateEventA
RemoveDirectoryA
GetCurrentThreadId
CreateProcessA
lstrcmpA
HeapAlloc
RaiseException
RtlUnwind
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement

user32

GetWindowTextLengthA
SetForegroundWindow
RegisterClassExA
SendDlgItemMessageA
SendMessageA
DestroyWindow
FrameRect
SystemParametersInfoA
CheckRadioButton
ScreenToClient
GetMenu
SetMenuItemInfoA
EnableWindow
IsWindow
SetScrollInfo
DialogBoxIndirectParamA
GetSysColor
LoadIconA
CreateWindowExA
GetMessagePos
UpdateWindow
GetClassNameA
GetDC
GetAsyncKeyState
EnumChildWindows
GetWindowTextA
FindWindowA
SetClipboardData
ClientToScreen

gdi32

AbortDoc
SetRectRgn
CombineRgn
EndDoc
GetDeviceCaps
SetBkMode
MoveToEx
LineTo
IntersectClipRect
SetAbortProc

shlwapi

PathIsRootA
PathCanonicalizeA
PathStripToRootA

winspool.drv

OpenPrinterA
AddPrinterConnectionA
GetPrinterDataA
GetJobA
DocumentPropertiesA
ClosePrinter

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ChooseFontA
GetFileTitleA
FindTextA

comctl32

ord17
ImageList_SetOverlayImage
DestroyPropertySheetPage
ImageList_Add
CreateToolbarEx
ord6
ImageList_Destroy
ImageList_LoadImageA

Exports

Exports

Ballbrown

Sections

.text
Size: 496KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf7865fb5e09e78f534cbc0ca39b974f

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

shlwapi

winspool.drv

comdlg32

comctl32

Exports

Exports

Sections

.text Size: 496KB - Virtual size: 496KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 4KB - Virtual size: 44KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 496KB - Virtual size: 496KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 4KB - Virtual size: 44KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB