4fe194a46b7d86451b2254e3117c3b39488db291d58a728e3cd1801711f46e28

Sharing

Copy URL Twitter E-mail

General

Target

4fe194a46b7d86451b2254e3117c3b39488db291d58a728e3cd1801711f46e28
Size

84KB
MD5

d477f0330cee0ffeeb5e1d3d866fe97a
SHA1

aba37be290ad4a20a0d63cfe48c4e3fa6c90ca03
SHA256

4fe194a46b7d86451b2254e3117c3b39488db291d58a728e3cd1801711f46e28
SHA512

9d691d67975fe4e1cb6edf67dde5a23e7c20ab3bf02a3d297f64651935f2c1fbae0f9dd6e32afb30f1a2205d9b75ec545b01810e05d840cb5b97efe1890500e2
SSDEEP

1536:dmpt0YgFotT9QgodHTGojrsPu+sUqmuKq7rSQDu1Os6DAcF6y6:kpt0YcoD8zFs2cqpKq6QDy6DA

Score

N/A

Malware Config

Signatures

Files

4fe194a46b7d86451b2254e3117c3b39488db291d58a728e3cd1801711f46e28
.dll windows x86

f743c47ac186ef81fa6ca39c411a81c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BackupRead
FindNextFileA
CreateDirectoryW
GetVolumePathNameW
ChangeTimerQueueTimer
CreateActCtxW
SetProcessWorkingSetSize
WaitForSingleObjectEx
ReleaseActCtx
GetCurrentProcessId
SetCommState
GetStringTypeW
SetupComm
SearchPathA
GetUserDefaultLCID
SetCommTimeouts
lstrcmpW
GetEnvironmentVariableW
LocalFileTimeToFileTime
CreateMailslotA
CreateToolhelp32Snapshot
BackupWrite
SetTimeZoneInformation
FindResourceW
EnumUILanguagesW
FindActCtxSectionGuid
GlobalGetAtomNameA
IsValidCodePage
GetThreadContext
CreateWaitableTimerW
ReadFileEx
SetVolumeLabelA
ReadConsoleA
GetVolumeInformationW
FindClose
ProcessIdToSessionId
SetConsoleCtrlHandler
GetExitCodeThread
FileTimeToLocalFileTime
EnumResourceLanguagesW
OpenProcess
CopyFileA
GetConsoleCP
WaitNamedPipeA
FreeEnvironmentStringsW
CallNamedPipeA
GetTempPathA
OpenSemaphoreW
GetNumberOfConsoleInputEvents
LCMapStringA
GetCompressedFileSizeW
SetProcessShutdownParameters
SwitchToThread
GetDiskFreeSpaceW
EnumSystemLocalesA
lstrcmpiW
GlobalGetAtomNameW
GetLocalTime
IsBadStringPtrW
PeekConsoleInputW
EnumResourceLanguagesA
SetLocalTime
lstrcpynW
GetCurrencyFormatA
IsBadHugeReadPtr
DuplicateHandle
RtlUnwind
SetEnvironmentVariableW
GetSystemWow64DirectoryW
ExpandEnvironmentStringsW
GetCurrentActCtx
HeapValidate
GetFileAttributesA
CreateRemoteThread
GetSystemInfo
GetModuleFileNameA
lstrlenA
HeapAlloc
InterlockedIncrement
SetLastError
SetEvent
LoadLibraryA
CreateFileMappingA
MapViewOfFile
Sleep
GetComputerNameA
WriteFile
ExitProcess
CloseHandle
GetSystemDirectoryA
GetProcAddress
GetSystemTimeAsFileTime
InterlockedExchange
GlobalAlloc
HeapFree
CreateProcessA
InterlockedDecrement
VirtualAllocEx

ole32

OleLoadFromStream
GetHGlobalFromILockBytes
OleCreate
OleCreateMenuDescriptor
PropVariantCopy
OleUninitialize
OleCreateStaticFromData
OleCreateFromData
CoMarshalInterThreadInterfaceInStream
CoCreateFreeThreadedMarshaler
CreateBindCtx

oleaut32

SysAllocStringLen

shlwapi

StrCatBuffA
PathGetCharTypeW
PathIsNetworkPathW
PathRemoveExtensionW
AssocCreate
PathAddBackslashA
PathAddExtensionW
StrCpyNW
PathFindNextComponentW
PathMakePrettyW
PathAddBackslashW
PathCompactPathExW
StrStrA
PathBuildRootW
StrCmpNIA
StrRetToStrW
PathStripToRootW
wnsprintfA
PathIsRelativeW
UrlEscapeW
SHCreateStreamOnFileW
PathIsUNCServerW
UrlUnescapeW
PathIsUNCW

advapi32

InitiateSystemShutdownW
OpenProcessToken
QueryServiceConfigA
RegisterServiceCtrlHandlerW
InitiateSystemShutdownExW
QueryServiceLockStatusW
RegConnectRegistryA
ReadEventLogA
RegReplaceKeyW
SetEntriesInAclA
GetNumberOfEventLogRecords
ReadEventLogW
RegEnumValueW
StartServiceA
StartServiceW
RegEnumKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
SetSecurityInfo
LookupAccountNameA
RegSetValueExA
RegCloseKey
RegQueryValueExA
GetSecurityDescriptorSacl
SetNamedSecurityInfoA
RevertToSelf
RegisterServiceCtrlHandlerExW
CreateProcessAsUserW
GetServiceDisplayNameW
CreateProcessWithLogonW

shell32

ShellAboutW
ShellAboutA
SHGetFolderPathAndSubDirW
ExtractIconW
SHGetFolderPathA
DragQueryFileA
SHOpenFolderAndSelectItems
SHCreateShellItem
ShellExecuteExW

gdi32

DeleteEnhMetaFile
GetTextCharacterExtra
GetPixel
PolyDraw
PlayEnhMetaFile
GetViewportExtEx
SetDIBits
GetTextAlign
GetBitmapBits
SetColorAdjustment
ExtEscape
CreateBitmap
WidenPath
OffsetViewportOrgEx
SetPixel
Polyline
GetCharacterPlacementA
SetBkMode
CreateDiscardableBitmap
EndDoc
ExtFloodFill
OffsetWindowOrgEx
SetRectRgn
TextOutA
OffsetRgn
GetTextFaceA
PolyPolygon
SetWindowOrgEx
SetTextAlign
SwapBuffers
GetTextExtentPoint32A
CombineRgn

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f743c47ac186ef81fa6ca39c411a81c3

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 2KB