585338ea5c391db6b5e92560b3d5d2bbf5d8f39799acc44e1b79db3ac029b626

Sharing

Copy URL Twitter E-mail

General

Target

585338ea5c391db6b5e92560b3d5d2bbf5d8f39799acc44e1b79db3ac029b626
Size

63KB
MD5

67d5c5c463f3594db3f339e9656d147c
SHA1

f7daf79eabcc4b5393e43916d729aa19d8015be6
SHA256

585338ea5c391db6b5e92560b3d5d2bbf5d8f39799acc44e1b79db3ac029b626
SHA512

35fa5960b72f5190fac4ddaeb56ba63c063376e1ccc346f60bfcda7312d065b7db10e5bd9ef80434d1e0f3a52c27aaddb0825abd8e205964d2a290f4508cfc1c
SSDEEP

1536:KUY5uMsDzmLtjy9SXGCCM5IWNDzne4Rznu:TMuQycXBCaDzne9

Score

N/A

Malware Config

Signatures

Files

585338ea5c391db6b5e92560b3d5d2bbf5d8f39799acc44e1b79db3ac029b626
.dll windows x86

1792d0d85258f0dec3107f90e8263975

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iser32

GetKeyboardLayout
BringWindowToTop
SetWindowLongW
GetWindowThreadProcessId
GetWindow
GetDesktopWindow
TranslateMessage
PeekMessageW
SetScrollRange
SetParent
GetKeyState
DestroyMenu
SetActiveWindow
GetCursorPos
LoadAcceleratorsA
GetTopWindow
GetScrollPos
WinHelpW
RegisterClassExA
IsDlgButtonChecked
CreateWindowExW
GetScrollRange
SetWindowPlacement
GetWindowRect
DefFrameProcA
PostMessageA
GetDC
SendDlgItemMessageA
GetUpdateRect
IsChild
MessageBeep
DispatchMessageA
SendMessageA
PostMessageW
SetWindowLongA
InflateRect

gdi32

Polygon
SetROP2
AbortDoc
GetClipBox
GetDCOrgEx
CreateBrushIndirect
GetWinMetaFileBits
OffsetWindowOrgEx
SetTextAlign
GetRgnBox
GetObjectType
GdiSetBatchLimit
SetViewportExtEx
OffsetViewportOrgEx
StretchBlt
GdiFlush
SetBkColor
StartDocA
TextOutA
SetBkMode
PlayEnhMetaFileRecord
GetRasterizerCaps
ExtSelectClipRgn
RealizePalette
GetNearestColor

ole32

OleRegGetMiscStatus
GetRunningObjectTable
CoTreatAsClass
MkParseDisplayName
StgCreateDocfile
OleCreateLinkFromData
CLSIDFromString
CoRegisterClassObject
RegisterDragDrop
OleDestroyMenuDescriptor
ProgIDFromCLSID
WriteClassStg

avifkadp

_FSnan
_LCosh
_Tolower
_LSinh
_FExp
_LEps
_LInf

kernel32

InterlockedExchange
SizeofResource
TlsAlloc
ResetEvent
LCMapStringA
FlushFileBuffers
TerminateProcess
GetCurrentThreadId
GlobalGetAtomNameA
SetCurrentDirectoryW
SystemTimeToFileTime
GlobalSize
GetTickCount
TlsGetValue
IsValidCodePage
VirtualQueryEx
WideCharToMultiByte
LoadResource
GlobalDeleteAtom
InitializeCriticalSection
GetFileAttributesW
GetProfileStringW
CreateFileMappingW
OpenFile
GetProcAddress
MapViewOfFile
Beep
HeapReAlloc
CreateEventA
RtlUnwind
IsBadWritePtr
UnmapViewOfFile
HeapSize
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetCurrentDirectoryW
GlobalAddAtomA
LocalFree
GlobalAlloc
lstrlenA
SetLastError
GetModuleHandleA
HeapFree
GetComputerNameW
WaitForMultipleObjects
FormatMessageA
lstrlenW
CloseHandle
SetThreadPriority
GetModuleHandleA
WriteFile
SetStdHandle

Exports

Exports

GetPermLayers
ConvertSidToString
CreateProcessNotify
BuildADsPathFromLDAPPath
DllClientCleanup
ConvertU2TrusteeToSid
GetDisplayName
prindsvr
DllClientStartup

Sections

.text
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1792d0d85258f0dec3107f90e8263975

Headers

File Characteristics

Imports

iser32

gdi32

ole32

avifkadp

kernel32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB