5a8990cae08cdfe30e74b594064b997992c6d5417bb7f2eda7a6ccae36f0c406

Sharing

Copy URL Twitter E-mail

General

Target

5a8990cae08cdfe30e74b594064b997992c6d5417bb7f2eda7a6ccae36f0c406
Size

440KB
MD5

6d0159318f7ac80c17f45ab7ac10af70
SHA1

4fbd37c1668eeb502d465c902e2df3529ce1e113
SHA256

5a8990cae08cdfe30e74b594064b997992c6d5417bb7f2eda7a6ccae36f0c406
SHA512

7987781110fd0ef5814cc9f2304d47a8ed42e5fbb6062e84cc18ebda89d1492a813d240c4bfa3f1455fad21ca74d278a6449cbca7cdd28b34baa96b16e90612a
SSDEEP

12288:PYhE/SGvmabJilfq5ZtyCVTK2M0/j2Uy4VnIJtqwm5DoykV/J+kTH17sHBZ2/rj9:PGE/SGvi26Tm5DqTH17sHBML7a8QFl1d

Score

N/A

Malware Config

Signatures

Files

5a8990cae08cdfe30e74b594064b997992c6d5417bb7f2eda7a6ccae36f0c406
.dll windows x86

f8753e607c65918b466a6eee15312717

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

_adjust_fdiv
_chmod
rename
__dllonexit
_initterm
_onexit
isdigit
_mbctype
??3@YAXPAX@Z
rand
memmove
strchr
_stricmp
strftime
_iob
fprintf
__CxxFrameHandler
difftime
time
strncpy
localtime
mktime
sprintf
strstr
printf
atol
_purecall
atoi
_ismbcspace
_vsnprintf
free
realloc
_lseeki64
malloc
_telli64
_errno
_chsize
_fstat
isspace
iscntrl
_strnicmp
strncmp
strpbrk
tolower
strrchr
getenv
??2@YAPAXI@Z
_stat
_strcmpi
_putenv
_sopen
_unlink
_write
_read
_tell
_lseek
_chdir
_open
_creat
_close
_mkdir
_rmdir
_getcwd

ole32

CoCreateInstance
CoInitialize
CoUninitialize

user32

wsprintfA
CharLowerA
SendMessageTimeoutA
EnumWindows
GetSystemMetrics
GetWindowLongA
SetWindowLongA
DestroyIcon
SystemParametersInfoA
SetWindowPos
SetForegroundWindow
CharNextA
CharPrevA
DdeDisconnect
DdeGetLastError
DdeConnect
DdeCreateStringHandleA
DdeFreeStringHandle
DdeInitializeA
DdeUninitialize
DdeFreeDataHandle
DdeGetData
DdeClientTransaction
FindWindowA

advapi32

RegEnumValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyA
RegSetValueA
RegEnumKeyExA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

shell32

SHChangeNotify
ExtractIconExA

kernel32

GetDiskFreeSpaceA
GetShortPathNameA
WideCharToMultiByte
GetTickCount
MultiByteToWideChar
DeleteFileA
GlobalMemoryStatus
CopyFileA
CreateMutexA
GetLastError
Sleep
GetPrivateProfileStringA
GetVersionExA
WritePrivateProfileStringA
GetWindowsDirectoryA
LoadLibraryA
GetPrivateProfileSectionNamesA
FreeLibrary
CreateFileA
GetProcAddress
ReadFile
SetFilePointer
GetFileSize
CloseHandle
InterlockedIncrement
WriteFile
WaitForSingleObject
GetModuleFileNameA
GetCurrentProcess
GetSystemDirectoryA
lstrcpynA
lstrcpyA
GetProfileStringA
GetSystemInfo
UnmapViewOfFile
WinExec
CreateFileMappingA
GetTempFileNameA
MapViewOfFile
SetProcessWorkingSetSize
lstrlenA
SetErrorMode
FindFirstFileA
FindNextFileA
FindClose
GetDriveTypeA
GetTempPathA
GetVersion
ResetEvent
SetEvent
CreateEventA
InterlockedDecrement

Exports

Exports

?DdeCallback@@YGPAUHDDEDATA__@@IIPAUHCONV__@@PAUHSZ__@@1PAU1@KK@Z
EventCallback
OnInstall
OnUninstall
RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 4KB - Virtual size: 378B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f8753e607c65918b466a6eee15312717

Headers

File Characteristics

Imports

pncrt

ole32

user32

advapi32

shell32

kernel32

Exports

Exports

Sections

.text Size: 300KB - Virtual size: 298KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 16KB - Virtual size: 20KB

_DATA Size: 4KB - Virtual size: 378B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 17KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 300KB - Virtual size: 298KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 16KB - Virtual size: 20KB

_DATA
Size: 4KB - Virtual size: 378B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 17KB

.rmnet
Size: 60KB - Virtual size: 60KB