dcffb2fa61007968135189b85bc57108972baeb33a2f99577fdb1ca1c310ff42

Sharing

Copy URL

Twitter E-mail

General

Target

dcffb2fa61007968135189b85bc57108972baeb33a2f99577fdb1ca1c310ff42
Size

2.2MB
MD5

a4c286f26273de7dcaff6f9176bb4b40
SHA1

c97ab650558645dd6ffa47be89857d22e570bc8a
SHA256

dcffb2fa61007968135189b85bc57108972baeb33a2f99577fdb1ca1c310ff42
SHA512

5ae9c55b6da2815d9de2d0bda6a2661f40c665b8c17fc820b7c3d31ac57c1d38a0b8f29ad0c82d4cfdb986de68569fb6701fae148f40406d0a64962c1dfcebce
SSDEEP

6144:gG9B5TGta7pkrwM+E/6CcDa+au83mXSLYp83RAhc3mbMFmv4RQx83ubpQXGBa188:NiM7q996CWahHj

Score

N/A

Malware Config

Signatures

Files

dcffb2fa61007968135189b85bc57108972baeb33a2f99577fdb1ca1c310ff42
.dll windows x86

baa608283cbe1071d4e2931d08d784ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetACP
GetTimeZoneInformation
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
Sleep
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcAddress
LoadLibraryA
HeapSize
TerminateProcess
GetProfileStringA
InterlockedExchange
SetCurrentDirectoryA
GetCurrentDirectoryA
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
OpenProcess
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
FreeLibrary
WideCharToMultiByte
LocalFree
FormatMessageA
GetModuleFileNameA
GetCurrentThread
lstrcmpA
InterlockedDecrement
GlobalFree
SetLastError
MulDiv
lstrcpynA
LocalAlloc
InitializeCriticalSection
LockResource
LoadResource
HeapAlloc
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
RtlUnwind
SizeofResource
FindResourceA
GetFileAttributesA
GetDriveTypeA
TlsAlloc
lstrlenA
GetLastError
MultiByteToWideChar
GetFileTime
GetFileSize
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetThreadLocale
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
InterlockedIncrement
lstrcpy
lstrlenW

user32

LoadIconA
CreateMenu
GetClipboardViewer
DestroyMenu
CharUpperA
DestroyIcon
IsCharAlphaNumericA
GetQueueStatus
GetKeyboardLayout
GetOpenClipboardWindow
GetKeyboardType
GetWindowTextLengthW
IsCharAlphaA
GetCapture
GetDlgCtrlID
GetListBoxInfo
GetInputState
IsCharAlphaNumericW
GetMessagePos
IsMenu
GetWindowContextHelpId
CharUpperW
CharLowerA
IsWindowEnabled
ShowCaret
AnyPopup
GetKeyState
GetFocus
GetKBCodePage
GetForegroundWindow
IsCharLowerW
GetParent
OpenIcon
DestroyWindow
InSendMessage
GetSysColor
GetAsyncKeyState

gdi32

GetStockObject
RealizePalette
DeleteObject
GetTextAlign
CancelDC
GetPolyFillMode
SaveDC
AddFontResourceA
CloseFigure
GetDCPenColor
GetObjectType
CreatePatternBrush
GetFontLanguageInfo
EndPath
GetPixelFormat
GetBkMode
DeleteEnhMetaFile
SwapBuffers
GetTextCharset
GetEnhMetaFileBits

advapi32

RegOpenKeyA

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

baa608283cbe1071d4e2931d08d784ac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.rdata4 Size: 1KB - Virtual size: 1KB

.rdata3 Size: 1KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 5KB

.rdata2 Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 756B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.rdata4
Size: 1KB - Virtual size: 1KB

.rdata3
Size: 1KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 5KB

.rdata2
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 756B

.reloc
Size: 3KB - Virtual size: 2KB