dd4f1c52e46f4e7c1b2f767a664ed6d5c924e1dcf9ebaada5ef98534d12d5d1a

General

Target

dd4f1c52e46f4e7c1b2f767a664ed6d5c924e1dcf9ebaada5ef98534d12d5d1a
Size

50KB
MD5

77e3a1471953851b75f110377fcaaa70
SHA1

6bbd6ed3ece6a7211493899f50ea0145728175c2
SHA256

dd4f1c52e46f4e7c1b2f767a664ed6d5c924e1dcf9ebaada5ef98534d12d5d1a
SHA512

85c0f621006b8ee823c65b55b6426c28ef3484ca090f87bf446fc3acf3bd13c5579ba4acdec249dc373bd62b319555c1dc9c3798d4976e2ff4797efcbb8dc037
SSDEEP

1536:1eYEA5+1VKiQ36PyCTidXKrFjKK3P+Wnwddu:1nj5qo6PyCOXKrFjKKGQwLu

Score

N/A

Malware Config

Signatures

Files

dd4f1c52e46f4e7c1b2f767a664ed6d5c924e1dcf9ebaada5ef98534d12d5d1a
.dll windows x86

2932a907e1d468d3c8c1e40666b009a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
DeleteFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
ExitThread
TerminateThread
WaitForMultipleObjects
CreateMailslotA
GetModuleFileNameA
GetLastError
SetEndOfFile
GetModuleHandleA
GetProcAddress
OpenProcess
lstrcpyA
lstrcatA
WaitForSingleObject
IsBadReadPtr
ReadFile
lstrlenA
CloseHandle
GetSystemDirectoryA
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
LoadLibraryA
ReleaseMutex
GetModuleHandleW
CreateEventA
CreateMutexW
MultiByteToWideChar
CreateThread
FindNextFileA
FindFirstFileA
lstrcmpA
CompareStringA
CreateDirectoryA
GetTickCount
GetTempFileNameA
GetFileAttributesA
SetEvent
ResetEvent
FindClose
CreateFileA
WriteFile
SetFilePointer

user32

wsprintfA

advapi32

ImpersonateLoggedOnUser
CryptHashData
CryptDeriveKey
CryptEncrypt
CryptDestroyHash
CryptDestroyKey
CryptReleaseContext
RegNotifyChangeKeyValue
RegCreateKeyExA
RegSetValueExA
CreateProcessAsUserA
InitializeSecurityDescriptor
CryptAcquireContextA
CryptCreateHash
RegOpenCurrentUser
RegOpenKeyExA
RegQueryValueExA
RevertToSelf
RegCreateKeyA
RegCloseKey
CryptDecrypt

iphlpapi

GetAdaptersInfo

shell32

SHGetFolderPathA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2932a907e1d468d3c8c1e40666b009a0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

iphlpapi

shell32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB