db9ed9778525733f5930e36f8df7a4cb9a7e52e7d2a9a1f3547f9cf4d6234718

Sharing

Copy URL Twitter E-mail

General

Target

db9ed9778525733f5930e36f8df7a4cb9a7e52e7d2a9a1f3547f9cf4d6234718
Size

123KB
MD5

5622e8b7330443a20c450eecb099641d
SHA1

9ae1940c2be31a5055ff3e1381a41c9fc69cbf7b
SHA256

db9ed9778525733f5930e36f8df7a4cb9a7e52e7d2a9a1f3547f9cf4d6234718
SHA512

ce6ab14cd4c8c808737e8e05ec3ec2dad415a1c6e3ee86ee12430221aa5b2e52deb25e61c0d996ca35ef286bd287befaa0ce163bafa95f344d8ef4b7812c32b3
SSDEEP

3072:BkG69EYEVM+swbIyvDEh6Ejlq9B6KMMiU1m9:BkG6qp2+sw9vQh6Ejl4B6KNP

Score

N/A

Malware Config

Signatures

Files

db9ed9778525733f5930e36f8df7a4cb9a7e52e7d2a9a1f3547f9cf4d6234718
.dll windows x86

f1cc903f6f6cc42f11b529faa05c2fc0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

CloseServiceHandle
SetSecurityDescriptorDacl
QueryServiceStatus
OpenServiceA
InitializeSecurityDescriptor
DeleteService
CreateServiceA
ControlService
AdjustTokenPrivileges

ole32

WriteClassStm
RevokeDragDrop
ProgIDFromCLSID
CLSIDFromProgID
OleSetClipboard
OleSaveToStream
OleLockRunning
OleGetClipboard
GetRunningObjectTable
GetConvertStg
DoDragDrop
CoRegisterMessageFilter
CoLockObjectExternal
CoGetMalloc
CoCreateGuid
RegisterDragDrop

user32

EndDeferWindowPos
DestroyIcon
DestroyCaret
CreateCursor
CloseWindow
ShowCursor

shell32

SHGetMalloc
SHFileOperationA
SHGetFileInfoA
SHBindToParent

shlwapi

PathIsDirectoryA
PathFindExtensionA
PathQuoteSpacesA
PathAppendA
PathUnquoteSpacesA
StrChrA
StrStrIA
PathCanonicalizeA

msvcrt

strstr
strlen
sprintf
sscanf
fflush
free
rand

kernel32

lstrlenA
WriteFile
VirtualFree
SleepEx
SetLastError
SetEndOfFile
RtlUnwind
RaiseException
OpenFile
MapViewOfFile
LocalAlloc
HeapAlloc
GetVersion
GetModuleHandleA
FlushFileBuffers
lstrcmpiA

Exports

Exports

Cng
Dip
Fzl
Jyi
Nly
Pcx
Qwt
Syw

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1cc903f6f6cc42f11b529faa05c2fc0

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 28KB

.rdata Size: 28KB - Virtual size: 32KB

.data Size: 31KB - Virtual size: 32KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 27KB - Virtual size: 28KB

.rdata
Size: 28KB - Virtual size: 32KB

.data
Size: 31KB - Virtual size: 32KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 28KB