3853ecea765896399a9d027ea130d192ac701dca471bbcc49852df657b87880c

Sharing

Copy URL

Twitter E-mail

General

Target

3853ecea765896399a9d027ea130d192ac701dca471bbcc49852df657b87880c
Size

2.2MB
MD5

3973ea97a417d8242bea2fb07a4fa339
SHA1

23abd0eb76c00c4a1351891da6be0c0cd7bf3565
SHA256

3853ecea765896399a9d027ea130d192ac701dca471bbcc49852df657b87880c
SHA512

6c4f95dc9077a16b468c95eadc2c79b07e8fa18236fc743f879f322b8023ac29513fd8ecde744e0e4c0b82b6d10d464ce6652f987d5f00c81e18c0f2af51609d
SSDEEP

6144:6G9B5TGta7pkrwM+E/6CcDa+au83mXSLYp83RAhc3mbMFmv4RQx83ubpQXGBa18g:fiM7q996CWah3

Score

N/A

Malware Config

Signatures

Files

3853ecea765896399a9d027ea130d192ac701dca471bbcc49852df657b87880c
.dll windows x86

415563b17e27057096e5773644ce4b58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetACP
GetTimeZoneInformation
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
Sleep
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcAddress
LoadLibraryA
HeapSize
TerminateProcess
GetProfileStringA
InterlockedExchange
SetCurrentDirectoryA
GetCurrentDirectoryA
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
OpenProcess
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
FreeLibrary
WideCharToMultiByte
LocalFree
FormatMessageA
GetModuleFileNameA
GetCurrentThread
lstrcmpA
InterlockedDecrement
GlobalFree
SetLastError
MulDiv
lstrcpynA
LocalAlloc
InitializeCriticalSection
LockResource
LoadResource
HeapAlloc
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
RtlUnwind
SizeofResource
FindResourceA
GetFileAttributesA
GetDriveTypeA
TlsAlloc
lstrlenA
GetLastError
MultiByteToWideChar
GetFileTime
GetFileSize
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetThreadLocale
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
InterlockedIncrement
lstrcpy
lstrlenW
CreateFileW
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
GetWindowsDirectoryW
GetSystemDirectoryW
GetVersionExW
GetModuleFileNameW
GetCommandLineW
EncodePointer
DecodePointer
GetModuleHandleExW
GetProcessHeap
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage

user32

CreateMenu
GetClipboardViewer
DestroyMenu
CharUpperA
DestroyIcon
IsCharAlphaNumericA
GetQueueStatus
GetKeyboardLayout
GetOpenClipboardWindow
GetKeyboardType
GetWindowTextLengthW
IsCharAlphaA
GetCapture
GetDlgCtrlID
GetListBoxInfo
GetInputState
IsCharAlphaNumericW
GetMessagePos
IsMenu
GetWindowContextHelpId
CharUpperW
CharLowerA
IsWindowEnabled
ShowCaret
AnyPopup
GetKeyState
GetFocus
GetKBCodePage
GetForegroundWindow
IsCharLowerW
GetParent
OpenIcon
DestroyWindow
InSendMessage
GetSysColor
GetAsyncKeyState
LoadIconA

gdi32

RealizePalette
DeleteObject
GetTextAlign
CancelDC
GetPolyFillMode
SaveDC
AddFontResourceA
CloseFigure
GetDCPenColor
GetObjectType
CreatePatternBrush
GetFontLanguageInfo
EndPath
GetPixelFormat
GetBkMode
DeleteEnhMetaFile
SwapBuffers
GetTextCharset
GetEnhMetaFileBits
GetStockObject

advapi32

RegOpenKeyA

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

415563b17e27057096e5773644ce4b58

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.rdata4 Size: 1KB - Virtual size: 1KB

.rdata3 Size: 1KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 6KB

.rdata2 Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 756B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.rdata4
Size: 1KB - Virtual size: 1KB

.rdata3
Size: 1KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 6KB

.rdata2
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 756B

.reloc
Size: 3KB - Virtual size: 3KB