ab1ba396c38cd0f3fa70d07b600d3f79388a818ca95e944033edc30dbe2e4912

Sharing

Copy URL Twitter E-mail

General

Target

ab1ba396c38cd0f3fa70d07b600d3f79388a818ca95e944033edc30dbe2e4912
Size

121KB
MD5

6af8b49ddfeb240fc703116b01c845b0
SHA1

4caef0629fcd446c0fbce326e65d0102715a69fc
SHA256

ab1ba396c38cd0f3fa70d07b600d3f79388a818ca95e944033edc30dbe2e4912
SHA512

c43541b529cec9611ecc8bdb5c42383e4bc849a546c24bd56c8d47562c0e6e71c35077827b2c67072eeb1e96813651f3f517f47a518f1317c75be32deb33da4b
SSDEEP

1536:dVfuzrWZVAeqDGIr+CHKlCUAs3P20OJ52dAv1vGYRGRvD5fnL0:LfuzrWZoGIiCHG7u0JSv1pKvVL0

Score

N/A

Malware Config

Signatures

Files

ab1ba396c38cd0f3fa70d07b600d3f79388a818ca95e944033edc30dbe2e4912
.dll windows x86

cda30a3bb02979e3411adcccb5ccb1f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

PfxInsertPrefix
memcmp
RtlSetBits
NtRequestPort
RtlTimeToSecondsSince1970
RtlAssert
NtAdjustPrivilegesToken
RtlReAllocateHeap
strrchr
NtSecureConnectPort
RtlConvertVariantToProperty
RtlSubtreeSuccessor
NtSetUuidSeed
RtlFindNextForwardRunClear
RtlDosSearchPath_U
NtSetSystemTime
RtlFreeSid
RtlUnicodeStringToInteger
_stricmp
NtCreatePagingFile
wcscat
strcspn
RtlCreateTimer
_wcsicmp
RtlCompareMemoryUlong
RtlCheckRegistryKey
RtlAllocateHandle
_atoi64
RtlValidAcl
NtSetQuotaInformationFile
NtReleaseMutant
RtlIntegerToUnicodeString

kernel32

CompareStringW
SetErrorMode
ContinueDebugEvent
RegisterWowBaseHandlers
GlobalUnWire
GetEnvironmentStringsA
SetVolumeLabelW
lstrcmpiW
SetConsoleHardwareState
IsBadCodePtr
ExitProcess
MulDiv
GetConsoleCP
WriteConsoleOutputCharacterA
EnumCalendarInfoA
GetCurrencyFormatW
EnumSystemLocalesW
GetLogicalDrives
ReadConsoleOutputAttribute
GetLogicalDriveStringsW
GetCommMask
ExitProcess
InterlockedExchange
GetTempPathW
RegisterWowExec
GetConsoleCommandHistoryLengthA
EnumSystemLocalesA
VirtualAlloc
MoveFileExA
SetTimeZoneInformation
VirtualFree
OpenProfileUserMapping
lstrcpyW
WaitForDebugEvent

gdi32

GetClipRgn
GetObjectA
GetTransform
GetPixel
GetCharWidthW
GetObjectW
WidenPath
SetTextColor
GetICMProfileA
GetDIBits
EnumICMProfilesA
GetEnhMetaFileW
GetMetaRgn
GetWinMetaFileBits
GetKerningPairsA
UpdateICMRegKeyA
EnumICMProfilesW
GetTextCharacterExtra
GdiGetBatchLimit
GdiQueryFonts
EndPath
GetEnhMetaFilePixelFormat
GetCharacterPlacementW
GdiGetLocalDC
GetDeviceCaps
OffsetViewportOrgEx
SetMagicColors
ResetDCA
GetTextColor
bMakePathNameW

ole32

CoAddRefServerProcess
CreateOleAdviseHolder
CoCopyProxy
HPALETTE_UserFree
WdtpInterfacePointer_UserUnmarshal
StgIsStorageFile
CoIsHandlerConnected
StgCreateDocfileOnILockBytes
CoFreeLibrary
OleConvertOLESTREAMToIStorageEx
CreateGenericComposite
HMETAFILE_UserMarshal
OleQueryCreateFromData
OleRegEnumVerbs
PropVariantClear
CreateStreamOnHGlobal
CoGetCallerTID
IIDFromString
SNB_UserUnmarshal
CoDisconnectObject
OleCreateEmbeddingHelper
HPALETTE_UserUnmarshal
OleCreateFromData
CoFileTimeNow
CreateFileMoniker
HWND_UserMarshal
CLSIDFromProgID
StgGetIFillLockBytesOnILockBytes
ProgIDFromCLSID
UtGetDvtd32Info
OleGetIconOfClass
PropSysFreeString
CoQueryReleaseObject

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cda30a3bb02979e3411adcccb5ccb1f9

Headers

File Characteristics

Imports

ntdll

kernel32

gdi32

ole32

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 75KB - Virtual size: 200KB

.adata Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 75KB - Virtual size: 200KB

.adata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB