15c143a7c62f5f4c296c15bc223a2364a8bb7082d3cf066f045e5a5492dde4db

Sharing

Copy URL Twitter E-mail

General

Target

15c143a7c62f5f4c296c15bc223a2364a8bb7082d3cf066f045e5a5492dde4db
Size

171KB
MD5

509c5730c5c961cdc9f2d013a7fbcae1
SHA1

1ab66bf829df797ac74114865a45cde1721f2a02
SHA256

15c143a7c62f5f4c296c15bc223a2364a8bb7082d3cf066f045e5a5492dde4db
SHA512

81126f46404bc0a3d12188ab9e6ea986bbbb4ae9a8529c8b52a76231f8d5fbde4326131ece428ff8b507f27f03025f26a80f13816766ea8ce7a983804b85d601
SSDEEP

3072:CqLKakeTv+zN8URQmEA1ynIyMDncyc4YwTRGSF:9LKZ/zu4dynI/Dcyc4NXF

Score

N/A

Malware Config

Signatures

Files

15c143a7c62f5f4c296c15bc223a2364a8bb7082d3cf066f045e5a5492dde4db
.dll windows x86

0a259edf15146db02f5f6ec320c4cd95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

atoi
__set_app_type
isspace
_amsg_exit
??3@YAXPAX@Z
_wcsicmp
__p__fmode
fclose
floor
isxdigit
__p__commode
wcscpy
??0exception@@QAE@ABV0@@Z
swscanf
_wcsdup
__setusermatherr

advapi32

RegOpenKeyW
GetAclInformation
IsValidSid
CryptHashData
IsValidAcl
RegEnumValueA
GetSidSubAuthority
RegQueryValueW
GetSidLengthRequired
CryptDestroyHash
EqualSid
RegisterTraceGuidsW
OpenServiceW
RegEnumKeyA
ImpersonateLoggedOnUser
DeleteAce
RegSetValueW
SetFileSecurityW
LookupPrivilegeValueA
InitializeSid
CloseServiceHandle
GetLengthSid

ole32

CoGetClassObject
StringFromIID
GetHGlobalFromStream
CreateBindCtx
CoGetObjectContext
CoImpersonateClient
CoReleaseMarshalData
CoInitializeSecurity
OleSaveToStream
CoTaskMemRealloc
CreateILockBytesOnHGlobal
CoCreateInstanceEx

user32

SetWindowTextA
GetSystemMenu
GetWindowTextA
TranslateMessage
PtInRect
GetWindowDC
DispatchMessageA
GetAncestor
GetSysColor
SetRect
SetTimer
GetClientRect
CalcMenuBar
GetSystemMetrics
CharUpperA
IsZoomed
IsChild
GetActiveWindow
WinHelpW
GetWindowTextW
CopyRect
GetSubMenu
LoadIconW

kernel32

VirtualAlloc
lstrcpynA
GetFileAttributesW
ResumeThread
CreateEventW
GetStartupInfoA
GetOEMCP
lstrcatW
GetModuleHandleA
InterlockedExchange
GetCurrentProcessId
GetCurrentThreadId
FileTimeToSystemTime
SetLastError
GetFileSize
GetConsoleMode
GetVersionExA
WaitForSingleObject
CreateDirectoryA
GetCommandLineW
ExitProcess
GetSystemTime

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 79KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 493B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a259edf15146db02f5f6ec320c4cd95

Headers

File Characteristics

Imports

msvcrt

advapi32

ole32

user32

kernel32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 83KB - Virtual size: 83KB

.data Size: 79KB - Virtual size: 269KB

.reloc Size: 512B - Virtual size: 493B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 83KB - Virtual size: 83KB

.data
Size: 79KB - Virtual size: 269KB

.reloc
Size: 512B - Virtual size: 493B