d3b6fa2dc358ecd4085ab10f1532e2a07f8f6de6adb2f57d39fa781cab81e0c6

Sharing

Copy URL Twitter E-mail

General

Target

d3b6fa2dc358ecd4085ab10f1532e2a07f8f6de6adb2f57d39fa781cab81e0c6
Size

101KB
MD5

9500ef76e6f6c861ff0694ae297d1ebf
SHA1

0ff2122fa90b796248354e3ac6b08662a6e7aadc
SHA256

d3b6fa2dc358ecd4085ab10f1532e2a07f8f6de6adb2f57d39fa781cab81e0c6
SHA512

a2e45b4e5ac7710b95bf1ede6bcaddf11ccbb10c8e93eb61065819d083aff0f557048ca26a5954193c9822b69270ff01b39553ca351a1a23bfaa459d5ed29d19
SSDEEP

1536:6HEmsfrefiu/LUt3d/jXuzEDOIFxQztJZ9ZjEE94+kssrExMJtJrHd5osba:6H0yffUjXuIxc/f4+9diVUu

Score

N/A

Malware Config

Signatures

Files

d3b6fa2dc358ecd4085ab10f1532e2a07f8f6de6adb2f57d39fa781cab81e0c6
.dll windows x86

1537c60926b5d6ae1ea4b2bbc55d6eee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalReAlloc
SetFileAttributesA
GetFileType
LockResource
GetModuleHandleA
LocalSize
CloseHandle
LocalFree
GetFileAttributesA
LocalAlloc
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
HeapDestroy
GetProcessHeap
LockFile
UnlockFile
CompareFileTime
SystemTimeToFileTime
GlobalAddAtomA
LoadResource
FindResourceW
TryEnterCriticalSection
GetCommandLineW
lstrcmpA
FindResourceA
GetFileSize
lstrcpyA
GetSystemTime
VirtualProtectEx
MulDiv
SetFileTime
ExpandEnvironmentStringsA
GetModuleHandleW
SetEnvironmentVariableW
GetCurrentProcess
GetFileInformationByHandle
WaitForMultipleObjects
SuspendThread

user32

IsCharAlphaNumericA
GetWindow
SetClipboardViewer
UpdateWindow
GetClipboardViewer
SetWindowPos
SetCursorPos
MessageBoxA
GetDC
OpenIcon
EndPaint
SetWindowRgn
DrawTextW
GetParent
IsWindowEnabled
SetParent
BeginPaint
TranslateMessage
GetWindowTextW
PeekMessageA
TranslateAcceleratorA
SetClassLongA
GetWindowRgn
CreateWindowExW
DispatchMessageA
ValidateRgn
CallWindowProcA
SetWindowTextW
SetMessageQueue
GetMessageTime
GetMessagePos
GetClassLongA
MoveWindow
GetWindowLongW
GetClassWord
SwitchToThisWindow

gdi32

DPtoLP
GetCharWidthA
GetTextMetricsW
SetDCPenColor
Chord
GetPixel
RestoreDC
GetDeviceCaps
UnrealizeObject
DeleteObject
CreateCompatibleDC
GetObjectW
GetDCPenColor
SetTextJustification

advapi32

RevertToSelf
ImpersonateNamedPipeClient
ImpersonateSelf
GetOldestEventLogRecord
GetEventLogInformation
DeregisterEventSource
WriteEncryptedFileRaw
CloseEncryptedFileRaw
GetTokenInformation
ReportEventW

Exports

Exports

_CreateSymLink@12
_FindSymLink@4
_FollowSymLink@4
_GetSymLink@4
_UpdateSymLink@16

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 278B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

GLOBAL
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TLS
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1537c60926b5d6ae1ea4b2bbc55d6eee

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.itext Size: 512B - Virtual size: 278B

GLOBAL Size: 3KB - Virtual size: 3KB

CONST Size: 512B - Virtual size: 472B

TLS Size: 512B - Virtual size: 128B

.rsrc Size: 81KB - Virtual size: 81KB

.reloc Size: 1024B - Virtual size: 842B

.text
Size: 12KB - Virtual size: 12KB

.itext
Size: 512B - Virtual size: 278B

GLOBAL
Size: 3KB - Virtual size: 3KB

CONST
Size: 512B - Virtual size: 472B

TLS
Size: 512B - Virtual size: 128B

.rsrc
Size: 81KB - Virtual size: 81KB

.reloc
Size: 1024B - Virtual size: 842B