1f14a2ce2963e923b8ba62649d6f81853d4e86d2f5a0cbeb69094b8268ea001b

Sharing

Copy URL Twitter E-mail

General

Target

1f14a2ce2963e923b8ba62649d6f81853d4e86d2f5a0cbeb69094b8268ea001b
Size

197KB
MD5

72236d4340c4660478a554aabe6d5242
SHA1

613f671e567a0733ef084064172a30d2aa334aa1
SHA256

1f14a2ce2963e923b8ba62649d6f81853d4e86d2f5a0cbeb69094b8268ea001b
SHA512

5f76605ef139f9e95094cf4f981dddd4cc2f2878cded401a453908d6cc3e91132659cc3ddf6a513efd9e1e44119d9e779b855b91f6343f36599766cd78f47819
SSDEEP

6144:UdJwMwO2OInjZ5O/ETLz7ZwfbBrnZZaFqqDLuu0:UdJwMwOgnaM78BrnZ7qnuu0

Score

N/A

Malware Config

Signatures

Files

1f14a2ce2963e923b8ba62649d6f81853d4e86d2f5a0cbeb69094b8268ea001b
.dll windows x86

16d96ad56ec9d399552cb8007322fa75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetProfileStringA
DeleteFileW
DeleteFileA
CreateDirectoryW
CreateDirectoryA
GetSystemDirectoryA
GetProfileStringW
FindClose
LoadLibraryExA
OutputDebugStringW
FindFirstFileW
FindNextFileW
GetLogicalDriveStringsW
LoadLibraryA
lstrlenW
WideCharToMultiByte
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsGetValue
GetStdHandle
GetACP
GetOEMCP
WriteFile
VerLanguageNameW
FlushFileBuffers
SetStdHandle
GetSystemInfo
VirtualQuery
InterlockedIncrement
InterlockedDecrement
lstrlenA
HeapDestroy
GlobalUnlock
GlobalLock
lstrcpynA
SizeofResource
LoadResource
FindResourceA
lstrcpyA
lstrcatA
GlobalFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
lstrcmpiA
InterlockedCompareExchange
InterlockedExchange
GetComputerNameW
VerLanguageNameA
SetErrorMode
GetModuleFileNameA
DisableThreadLibraryCalls
GetVersionExA
GetDateFormatA
GetThreadLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
GetTempFileNameA
GetTempPathA
GetSystemDirectoryW
FreeLibrary
FormatMessageW
LoadLibraryExW
CloseHandle
SetEvent
GetProcAddress
lstrcpyW
Sleep
LoadLibraryW
GetCurrentThread
CreateThread
GetModuleHandleW
GetCurrentProcess
TerminateThread
LocalAlloc
LocalFree
FindAtomA
DeleteAtom
GetCommandLineA
VirtualAlloc
VirtualProtect

user32

MessageBoxW
EnableWindow
SetWindowLongA
LoadStringA
SendMessageW
CharNextA
SetDlgItemInt
RegisterClipboardFormatA
GetWindowRect
GetDlgItem
SendMessageA
LoadCursorA
GetWindow
CharUpperBuffW
GetActiveWindow
wsprintfA
EndDialog
SetFocus
SetCursor
DialogBoxParamW
ShowWindow
PostMessageA
IsWindow
SetWindowTextW
SetWindowTextA
GetWindowLongA
GetWindowTextW
LoadStringW
GetDesktopWindow
MoveWindow
GetSystemMetrics
GetWindowTextA
GetParent
GetDlgCtrlID
MessageBoxA
DialogBoxParamA

advapi32

LookupAccountSidW
GetLengthSid
CopySid
OpenProcessToken
OpenThreadToken
RegCloseKey
SetServiceStatus
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegFlushKey
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumValueW
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyW
RegEnumKeyExW
RegGetKeySecurity
RegConnectRegistryW
RegSaveKeyW
RegUnLoadKeyW
RegSetKeySecurity
RegQueryInfoKeyW
RegSetValueExW
RegLoadKeyW
RegDeleteKeyW
InitializeSecurityDescriptor
GetTokenInformation

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

rpcrt4

I_RpcMapWin32Status
RpcRevertToSelf
RpcImpersonateClient

msvcrt

free
_wcsnicmp
fopen
_winmajor
_wsplitpath
wcsncmp
wcsrchr
_errno
calloc
_fullpath
_wfullpath
_access
_waccess
_open
_wopen
_close
iswctype
_snwprintf
_wmakepath
sprintf
_splitpath
wcschr
_ltow
wcstol
fclose
fprintf
memset
memcpy
realloc
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
malloc
_wcsicmp
memmove
wcscpy
wcslen
wcscmp
wcsncpy
wcscat
wcsncat
swprintf
_except_handler3
__CxxFrameHandler

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16d96ad56ec9d399552cb8007322fa75

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 61KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 61KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB