2802407d25b7f122b6cb4f00979dc6291141edcb1238eec671b9ceaf3203acc6

Sharing

Copy URL

Twitter E-mail

General

Target

2802407d25b7f122b6cb4f00979dc6291141edcb1238eec671b9ceaf3203acc6
Size

174KB
MD5

78605c463098c3a2f47334e9ed918667
SHA1

3525bf485d10e5072e0a6cf36e418291b7a1f3fa
SHA256

2802407d25b7f122b6cb4f00979dc6291141edcb1238eec671b9ceaf3203acc6
SHA512

f8fb0c06d31af2eec9632f94eb52b033f3fd0488127d2555e2baa69ef8a7bdb5bcc0cfc6f07da94713a04d6e9f00f4cec33ef2ecd5b7ebf2c1e489d460d2b042
SSDEEP

3072:g5dTKBH6EMquAuatFbk0FEXcEJORDxlQ9dPeBxqEcrcg:koH3MqVtFbkWAcuyDDiPeWEcrcg

Score

N/A

Malware Config

Signatures

Files

2802407d25b7f122b6cb4f00979dc6291141edcb1238eec671b9ceaf3203acc6
.dll windows x86

aee4dfce54cbc1d3785ff9c77c161da9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_ftol
_vsnprintf
strrchr
_snprintf
wcschr
free
malloc
sscanf
sprintf
??2@YAPAXI@Z
??3@YAXPAX@Z

kernel32

lstrcatW
lstrcpyW
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryA
GetCurrentThreadId
FormatMessageA
DebugBreak
InterlockedDecrement
DisableThreadLibraryCalls
lstrcpyA
lstrcatA
GetModuleFileNameA
lstrcpynA
GetLocalTime
OutputDebugStringA
HeapAlloc
WaitForSingleObject
ExpandEnvironmentStringsA
CreateFileA
SetFilePointerEx
WriteFile
FlushFileBuffers
ReleaseMutex
GetProcessHeap
InterlockedIncrement
lstrlenW
HeapFree
CreateMutexA
MultiByteToWideChar

advapi32

FreeSid
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
RegOpenKeyExA
AllocateAndInitializeSid
GetLengthSid
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
SetSecurityDescriptorDacl

oleaut32

SysFreeString
SysAllocString

wiaservc

wiasWriteBufToFile
wiasWriteMultiple
wiasWritePropLong
wiasCreateDrvItem
wiasQueueEvent
wiasValidateItemProperties
wiasGetItemType
wiasReadPropLong
wiasCreatePropContext
wiasUpdateValidFormat
wiasFreePropContext
wiasGetDrvItem
wiasReadPropGuid
wiasSetItemPropAttribs
wiasSetItemPropNames

user32

LoadStringW

gdiplus

GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImagePixelFormat
GdipDisposeImage
GdipCloneImage
GdipGetImageDimension
GdipSaveImageToStream
GdipLoadImageFromStreamICM
GdiplusStartup
GdipLoadImageFromStream
GdiplusShutdown
GdipFree
GdipAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
_DllEntryPoint@12

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 125KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aee4dfce54cbc1d3785ff9c77c161da9

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

oleaut32

wiaservc

user32

gdiplus

Exports

Exports

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 512B - Virtual size: 756B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text Size: 125KB - Virtual size: 128KB

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 512B - Virtual size: 756B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 125KB - Virtual size: 128KB