76800833d0e5c7a9300fb1da0a2ba25417aa0a8105b993b104125cf4aff6c485

Sharing

Copy URL Twitter E-mail

General

Target

76800833d0e5c7a9300fb1da0a2ba25417aa0a8105b993b104125cf4aff6c485
Size

528KB
MD5

67d66703a633ffad6fdff483fed7c7c0
SHA1

247a2583cbd59033df38698b543090b95f3b416b
SHA256

76800833d0e5c7a9300fb1da0a2ba25417aa0a8105b993b104125cf4aff6c485
SHA512

9d7233dc9fc74ba48c2df3bd436c25a8c832844cf21a2d7a8f8c84a7ad59e34571cfa6f87da8ded09677208a62ed77610999a9d383cfbf29b5cf10fdf551995b
SSDEEP

12288:Zvwef9XQJbI5qW8QIYZyI8laNMgAS1ENw3kRpS:ZFfBSE5tyrb21tkRp

Score

N/A

Malware Config

Signatures

Files

76800833d0e5c7a9300fb1da0a2ba25417aa0a8105b993b104125cf4aff6c485
.dll windows x86

9f5157a35502b9ecb33ff71d3f58d92a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AccessCheckByTypeAndAuditAlarmA
ConvertStringSidToSidW
DecryptFileA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegSetValueExA
SetAclInformation
CryptSetProvParam
RegCreateKeyExA
AddUsersToEncryptedFile
CryptImportKey
GetMultipleTrusteeW
CryptGetHashParam
DecryptFileW
LsaOpenSecret
OpenProcessToken
ProcessTrace
RegDeleteKeyA
AddAce
BuildImpersonateTrusteeW
ElfNumberOfRecords
GetNamedSecurityInfoW
LsaEnumerateTrustedDomains
LsaOpenTrustedDomain
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
SetSecurityDescriptorGroup

kernel32

FreeLibrary
GetCurrentThreadId
GetModuleFileNameW
GetProcAddress
GetSystemWindowsDirectoryA
InitializeCriticalSectionAndSpinCount
LoadLibraryW
OutputDebugStringA
CloseHandle
CreateEventA
CreateFileW
CreateSemaphoreA
GetProfileIntA
GlobalFree
GlobalHandle
GlobalUnlock
HeapDestroy
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LocalAlloc
LocalFree
LocalHandle
MultiByteToWideChar
ReleaseSemaphore
ResetEvent
SetConsoleMode
SetEvent
SetThreadPriority
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrlenA
ExpandEnvironmentStringsA
GetDriveTypeA
GetFullPathNameA
GetModuleFileNameA
InterlockedCompareExchange
RaiseException
SearchPathA
Sleep
CreateIoCompletionPort
GetCurrentProcess
GetLocalTime
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrcatW
lstrcpyW
lstrlenW
CompareStringA
CompareStringW
CreateFileA
DeleteFileA
EnumDateFormatsExA
FlushFileBuffers
GetCurrencyFormatA
GetModuleHandleA
GetProcessVersion
GetTempFileNameA
GetVersion
GlobalAlloc
GlobalLock
GlobalReAlloc
IsBadReadPtr
OpenFile
ReadFile
SetFilePointer
lstrcpyA
CreateEventW
CreateThread
FindFirstVolumeW
GetBinaryTypeW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
ResumeThread
CreateProcessA
FormatMessageA
GetFileAttributesA
GetPrivateProfileSectionA
GetSystemDirectoryA
GetWindowsDirectoryA
LoadLibraryA
LoadLibraryExW
MoveFileA
SetFileAttributesA
WaitForSingleObjectEx
WriteFile
lstrcatA
lstrcpynA
CreateDirectoryW
CreateTimerQueueTimer
FindClose
FindFirstFileW
FindNextFileW
FormatMessageW
GetComputerNameW
GetProcessHeap
GetStringTypeW
HeapWalk
LoadResource
LockResource
SetSystemTime
SizeofResource
lstrcmpi
VirtualAlloc
DnsHostnameToComputerNameW
GetEnvironmentStrings
MapUserPhysicalPagesScatter
ReleaseMutex
SetThreadExecutionState
lstrcpynW
GetLocaleInfoW
GetLastError
HeapFree
HeapAlloc
GetExitCodeProcess
GetCurrentDirectoryA
SetCurrentDirectoryA
SetErrorMode
ExitThread
MoveFileW
GetModuleHandleW
ExitProcess
GetCPInfo
HeapSize
GetTimeFormatA
GetDateFormatA
FindFirstFileA
FindNextFileA
GetFileType
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
IsDBCSLeadByteEx
ReadConsoleA
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetEnvironmentVariableA
GetCommandLineA
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapCreate
VirtualFree
HeapReAlloc
LCMapStringW
SetConsoleCtrlHandler
LCMapStringA
GetStringTypeA
SetStdHandle
GetTimeZoneInformation
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEndOfFile
GetFileAttributesW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
RtlUnwind
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateProcessW
SetEnvironmentVariableW

ole32

OpenOrCreateStream
HMETAFILE_UserFree
HMETAFILEPICT_UserFree
CLIPFORMAT_UserSize
StgCreateDocfile
OleCreateEmbeddingHelper
HMENU_UserMarshal
HENHMETAFILE_UserSize
CLIPFORMAT_UserMarshal
HDC_UserFree
ReadClassStm
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
SNB_UserUnmarshal
CoTaskMemRealloc

oleaut32

VarCyAdd
VarDateFromR4
VarCyFromUI4
VarR4FromUI4
VarDecFromR4
VarCyFromUI2
OleLoadPictureFileEx
VarBstrCmp
VarR8FromDisp
VarI2FromUI4
VarDateFromR8
VarCyFromR8
OleLoadPicturePath

shell32

SHBrowseForFolderA

Exports

Exports

fjnsrw

Sections

.text
Size: 431KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f5157a35502b9ecb33ff71d3f58d92a

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

shell32

Exports

Exports

Sections

.text Size: 431KB - Virtual size: 431KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 17KB - Virtual size: 30KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 431KB - Virtual size: 431KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 17KB - Virtual size: 30KB

.reloc
Size: 15KB - Virtual size: 15KB