c84810fb0dc83b4878b92bb8cb9fa3bf4209f64f5ed39299706214d6d57fb430

Sharing

Copy URL Twitter E-mail

General

Target

c84810fb0dc83b4878b92bb8cb9fa3bf4209f64f5ed39299706214d6d57fb430
Size

321KB
MD5

02e8296ead0c99a901584892a22411a0
SHA1

d100d40566af78e20eec6b5dbe2ccddd22bb1ec5
SHA256

c84810fb0dc83b4878b92bb8cb9fa3bf4209f64f5ed39299706214d6d57fb430
SHA512

c4cd26b0950dadebba27a4827422ec5f8da02c1726f49d4da8d9da8ec38030f3c52bb562eaec37ab33d62546eb64be72b52f709decf4105e8a2b2bf9b20e8454
SSDEEP

6144:gdoip7AZqHBIOUKxoQOnbEiW3salR5GPswdfLKi:gHxAZqhIOAEiW8a72sOKi

Score

N/A

Malware Config

Signatures

Files

c84810fb0dc83b4878b92bb8cb9fa3bf4209f64f5ed39299706214d6d57fb430
.dll windows x86

435564946343f9cd2e4314f677146c70

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
GlobalAddAtomA
RaiseException
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetTempFileNameA
GetTempPathA
GetVersion
GetProcAddress
GetVersionExA
GetDiskFreeSpaceA
OpenProcess
FindClose
FindNextFileA
FindFirstFileA
GetFileAttributesA
CreateDirectoryA
GetTickCount
GetWindowsDirectoryA
SetErrorMode
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
TerminateProcess
Sleep
GetModuleFileNameA
LocalAlloc
LocalLock
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
LocalUnlock
LocalFree
GlobalGetAtomNameA
CreateMutexA
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
OpenEventA
SetEvent
ReleaseMutex
CloseHandle
InterlockedIncrement
InterlockedDecrement
GetDriveTypeA
GetCurrentProcessId

user32

CharPrevA
CharNextA
GetSystemMetrics
SendMessageTimeoutA
GetWindowThreadProcessId
EnumThreadWindows
GetClassInfoA
RegisterClassA
CreateWindowExA
SetWindowLongA
GetWindowLongA
DestroyWindow
DefWindowProcA
PostMessageA
DispatchMessageA
TranslateMessage
GetMessageA
IsWindowVisible
IsWindowEnabled
UnregisterClassA
SendMessageA
FindWindowA

advapi32

RegQueryValueW
RegSetValueA
RegQueryValueA
RegDeleteKeyA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegEnumKeyA
RegOpenKeyW
RegSetValueW
RegCreateKeyW
RegCreateKeyA

msvcr100

_open
_sopen
??3@YAXPAX@Z
??2@YAPAXI@Z
atoi
memset
_purecall
_time32
memcpy
_gmtime32
_localtime32
wmemcpy_s
_vscwprintf
vswprintf_s
??_U@YAPAXI@Z
??_V@YAXPAX@Z
memcpy_s
memmove_s
free
fprintf
__iob_func
strftime
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
malloc
realloc
sprintf
_vsnprintf
memmove
_creat
_fstat32
_chsize
_lseeki64
_telli64
getenv
_stat32
strchr
_chmod
rename
printf
strrchr
strstr
_ismbblead
strncpy
_stricmp
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_close
_errno
_lseek
_tell
_read
_write
_unlink
_putenv
_mkdir
_rmdir
_getcwd
_strnicmp
_chdir

msvcp100

?_Xlength_error@std@@YAXPBD@Z

Exports

Exports

?ProcessWndProc@CRNSingleInstanceEventProcessor@@KGJPAUHWND__@@IIJ@Z
OnInstall
OnUninstall
RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 222KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

435564946343f9cd2e4314f677146c70

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msvcr100

msvcp100

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

.text Size: 222KB - Virtual size: 224KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: 222KB - Virtual size: 224KB