76063a54ec28f071c72d73dfed45353348667dedd155848a4f5d7018c4f4c9a2

Sharing

Copy URL

Twitter E-mail

General

Target

76063a54ec28f071c72d73dfed45353348667dedd155848a4f5d7018c4f4c9a2
Size

205KB
MD5

6aa182124f62672c2bb39d092335ddc0
SHA1

2a4fc40f1c1d6837114e2734b4c2f00128c45f77
SHA256

76063a54ec28f071c72d73dfed45353348667dedd155848a4f5d7018c4f4c9a2
SHA512

558e9aaccabc8a80e74bfa805d4f2257f1c80fe6bc1f2a680677f3bec2a32a579283204577081137add6aa7edc8fc9257d66beaffe9d82c72c80b19b572d9725
SSDEEP

3072:narvEqiwAX2x75rmhS75cAqStJ9QgxzgMdlqScP3pAofK1FmO:nq8qiFGtUsuANagtgEPIAoS1Fr

Score

N/A

Malware Config

Signatures

Files

76063a54ec28f071c72d73dfed45353348667dedd155848a4f5d7018c4f4c9a2
.dll windows x86

64f8fafe463fa0892b3b62e460df0bab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
UnmapViewOfFile
GetEnvironmentVariableW
GetFullPathNameW
GetTempFileNameW
DeleteFileW
HeapAlloc
GetFileType
CreateThread
WaitForSingleObject
GetCommandLineW
SetLastError
GetComputerNameExW
CompareFileTime
FindResourceW
CreateFileMappingW
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetSystemDirectoryW
GetModuleHandleW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
LocalAlloc
GetConsoleWindow
SuspendThread
lstrcmpiA
CreateFileW
CompareStringW
LockResource
HeapFree
GetTimeFormatW
GetDateFormatW
FileTimeToLocalFileTime
GetACP
WriteConsoleW
GetEnvironmentVariableA
LocalReAlloc
GetVersion
Sleep
QueryPerformanceCounter
UnhandledExceptionFilter
FindResourceExW
GetLocaleInfoW
GetSystemDefaultUILanguage
WideCharToMultiByte
SearchPathW
LocalFree
SetConsoleCtrlHandler
AllocConsole
HeapSetInformation
CloseHandle
SetConsoleCP
SetConsoleOutputCP
GenerateConsoleCtrlEvent
WriteConsoleInputA
SetConsoleMode
GetConsoleMode
GetStdHandle
OpenProcess
HeapDestroy
HeapCreate
GetProcessHeap
GetStartupInfoA
SetEvent
WaitForMultipleObjects
CreateEventW
GetVolumePathNamesForVolumeNameW
GetVolumeNameForVolumeMountPointW
DeviceIoControl
LoadResource

user32

LoadCursorW
LoadStringW
DefWindowProcW
DestroyWindow
UnregisterClassW
LoadIconW
IsCharUpperA
RegisterClassW
CreateWindowExW
ShowWindow
GetSystemMenu
UnregisterClassA
GetForegroundWindow
SetTimer
CharNextW
GetDesktopWindow

advapi32

RegOpenKeyW
IsValidSecurityDescriptor
GetSecurityDescriptorLength
RegCreateKeyW
RegDeleteKeyW
RegConnectRegistryW
RegEnumValueW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegOpenCurrentUser

ole32

CoTaskMemRealloc
CoSetProxyBlanket
CoTaskMemFree
CoRevokeClassObject
CoInitializeSecurity
CoUninitialize

msvcrt

exit
fseek
vfwprintf
wcsstr
printf
putchar
strchr
getenv
wcscspn
iswspace
iswalpha
memset
rand
wcschr
malloc
free
bsearch
wcsncmp
isdigit
ferror
fputs
fprintf
fopen
strcspn
fwrite
ftell
qsort

crypt32

CertStrToNameW
PFXImportCertStore
CertEnumCertificateContextProperties
CertGetPublicKeyLength
CertDuplicateStore
CertAddCertificateLinkToStore
PFXExportCertStoreEx
CertSaveStore
CertGetNameStringW
CertNameToStrW
CertVerifySubjectCertificateContext
CertGetCertificateChain
CertFreeCertificateChain
CertDeleteCertificateFromStore
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertAddCertificateContextToStore
CertRegisterPhysicalStore
CertOpenStore
CertCreateCertificateContext
CertCloseStore
CertFindExtension
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertFindCertificateInStore
CertFreeCertificateContext
CertFindCTLInStore

shlwapi

PathFindExtensionW
PathCombineW
PathFindExtensionA
UrlGetPartW

rpcrt4

UuidCreate

wininet

InternetCreateUrlW
InternetCrackUrlW

ws2_32

WSAStringToAddressA

winscard

SCardReleaseContext
SCardEstablishContext

Exports

Exports

EndorsedTechnologyVersionBe
ItTheMechanismThe
OrgIncludingCommunityPlatform
StandaloneMayThe

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64f8fafe463fa0892b3b62e460df0bab

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

crypt32

shlwapi

rpcrt4

wininet

ws2_32

winscard

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 230KB

.rsrc Size: 44KB - Virtual size: 42KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 230KB

.rsrc
Size: 44KB - Virtual size: 42KB

.reloc
Size: 4KB - Virtual size: 1KB