e6aa7c808b823d0bb6e38bbe6c27670f4a960d4084661d32eb544b9279b5599f

Sharing

Copy URL Twitter E-mail

General

Target

e6aa7c808b823d0bb6e38bbe6c27670f4a960d4084661d32eb544b9279b5599f
Size

84KB
MD5

366d70ab8e355625b2ffc3bda4367aa2
SHA1

4e2ab627c45f7d265c2cf09ca599b4dc138db8d0
SHA256

e6aa7c808b823d0bb6e38bbe6c27670f4a960d4084661d32eb544b9279b5599f
SHA512

6d7704e93453f54f658cd11ce3b4c5d65f8b2bb22222f33c4ba3fc9656cb3cf421ac1dfd6701d0da3a5029302a2708266d4abe244c6c0e45ee06f055113d2fb5
SSDEEP

1536:+RNXHFXgnvZsaUy3EBzwjr8/rvpKXfp/WUdUZV0e:+R1FXgnqah/6rvpKJi

Score

N/A

Malware Config

Signatures

Files

e6aa7c808b823d0bb6e38bbe6c27670f4a960d4084661d32eb544b9279b5599f
.dll windows x86

b012ac5fbe2dd171dfcd9a4a7201ed0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
UnregisterWaitEx
DeviceIoControl
GetTapeParameters
LoadResource
DeleteCriticalSection
HeapCompact
ReadConsoleW
ReadFile
ChangeTimerQueueTimer
GetSystemTime
OpenMutexW
CreateIoCompletionPort
SetProcessShutdownParameters
SetSystemTime
PeekNamedPipe
IsBadStringPtrW
LockFileEx
VerifyVersionInfoW
GlobalReAlloc
GetThreadLocale
InterlockedDecrement
GetNumberOfConsoleInputEvents
GetSystemWindowsDirectoryA
GetVolumeNameForVolumeMountPointW
IsBadCodePtr
DnsHostnameToComputerNameW
LocalFileTimeToFileTime
GetTimeZoneInformation
DeleteTimerQueueEx
GetTempPathW
GetAtomNameA
GetFileSizeEx
lstrcpyW
GetDateFormatW
GetCommState
UnregisterWait
GetAtomNameW
GetFileAttributesExA
ReleaseActCtx
WaitForMultipleObjectsEx
GlobalFindAtomA
Sleep
InterlockedIncrement
ReleaseMutex
CloseHandle
InterlockedCompareExchange
GetProcAddress
LoadLibraryA
SetLastError
lstrlenW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
VirtualProtect
UnmapViewOfFile
CreateDirectoryA
HeapFree
CreateFileA
VirtualQuery
DisconnectNamedPipe
GetCurrentProcessId

ole32

CoGetClassObject
OleRun
StgOpenStorage
CreateILockBytesOnHGlobal
CreateDataAdviseHolder
OleDraw
CoWaitForMultipleHandles
MkParseDisplayName
OleCreateFromFile
IIDFromString
GetRunningObjectTable
OleInitialize
CoUninitialize

user32

SetScrollPos
FlashWindow
DrawTextExA
GetUserObjectInformationW
GetCursor
ShowWindow
LoadCursorA
LoadAcceleratorsW
MessageBoxW
CopyImage
MapVirtualKeyW
DefDlgProcW
CheckMenuRadioItem
SetCursor
CreateIconFromResourceEx
GetCursorPos
MonitorFromRect
GetDC
ExitWindowsEx
CharNextExA
GetProcessWindowStation
CharPrevA
IsChild
ChangeDisplaySettingsA
CopyRect
SetFocus
RemovePropA
SetProcessDefaultLayout
GetSysColorBrush
GetMonitorInfoA
IsCharAlphaNumericA
SetWindowTextA
TrackPopupMenu
GetPropA
AttachThreadInput
CharUpperW
SetRectEmpty
PostMessageW
CloseDesktop
GetWindowTextW
CharToOemA
FillRect
MessageBeep
CharLowerBuffA
GetMenuDefaultItem
PeekMessageW
UnhookWinEvent
CallNextHookEx
RegisterClassExA
SetTimer
GetParent
DestroyCaret
UnhookWindowsHookEx
DestroyWindow
DefWindowProcA
SetWinEventHook
PostMessageA
SendMessageA

oleaut32

SysFreeString

shlwapi

StrStrA
StrCmpNW
StrRetToBufW
SHGetValueA
PathAddBackslashA
PathMakePrettyW
AssocQueryStringW
PathRemoveFileSpecW
wnsprintfW
SHRegSetPathW

advapi32

RegOpenKeyExA
RegCloseKey
EnumServicesStatusExW
SaferCreateLevel
CheckTokenMembership
MakeAbsoluteSD
ElfRegisterEventSourceW
RegQueryValueExW
ReportEventW
GetInheritanceSourceW
SetEntriesInAclA
RegSaveKeyW
RegisterServiceCtrlHandlerExW
RegCreateKeyW
QueryServiceConfigW
EnumServicesStatusW
SaferGetPolicyInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW

Exports

Exports

DevCommsPlay

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b012ac5fbe2dd171dfcd9a4a7201ed0b

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB