e5bca5ca1055a23e3002eedc4d696bd49ac8e32f7396c02582d2e063c1faf8e7

Sharing

Copy URL Twitter E-mail

General

Target

e5bca5ca1055a23e3002eedc4d696bd49ac8e32f7396c02582d2e063c1faf8e7
Size

283KB
MD5

0794333e47b88828684015a67bb9fb10
SHA1

ca84258fe873acc0eb5b3ae19f126f71d80f154c
SHA256

e5bca5ca1055a23e3002eedc4d696bd49ac8e32f7396c02582d2e063c1faf8e7
SHA512

b20c8bc502ee42b689b278edc485cf11a1e225c473c4c4e4cad0c439811dbf55e4854c41ba53548b61244c1e3abd7964a2c8d07d8357cdf6f8335b09901d399f
SSDEEP

6144:TuYuUN52pAzZss0xlmMX18zkm+LYipiQmW1Apsrz:yYjN5XZv0xVG+JpIsApsrz

Score

N/A

Malware Config

Signatures

Files

e5bca5ca1055a23e3002eedc4d696bd49ac8e32f7396c02582d2e063c1faf8e7
.dll windows x86

c9ad4cc2682fdb33b3e32bed7587a3e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32Next
EnumDateFormatsW
RemoveVectoredExceptionHandler
CreateDirectoryExA
MoveFileW
CompareFileTime
SizeofResource
GetConsoleScreenBufferInfo
GetShortPathNameA
GetConsoleCP
GetDateFormatA
GetModuleFileNameA
DeleteFileW
SetSystemTimeAdjustment
GetLongPathNameA
IsDBCSLeadByte
GetDriveTypeW
AddRefActCtx
Process32Next
GetDevicePowerState
SetWaitableTimer
lstrcatA
FindVolumeMountPointClose
SetInformationJobObject
GetVolumePathNameA
GetDllDirectoryA
lstrcmpA
GlobalSize
GetStringTypeExA
GetFirmwareEnvironmentVariableW
GetFileSizeEx
TlsAlloc
GetFileAttributesW
CloseHandle
Sleep
GetThreadIOPendingFlag
IsBadReadPtr
ResetWriteWatch
BackupRead
lstrlenA
VirtualUnlock
DnsHostnameToComputerNameW
GetProcessHeap
lstrlenW
AllocConsole
DebugSetProcessKillOnExit
LocalFree
LocalAlloc
GetSystemPowerStatus
GetOEMCP
CompareStringA
VirtualProtect
GetDiskFreeSpaceW
AddLocalAlternateComputerNameW
GetLocalTime
BackupWrite
GetCommandLineA
GetLogicalDriveStringsW
GetTimeFormatW
CreateToolhelp32Snapshot
GetCurrentProcessId
GetEnvironmentVariableA
CreateSemaphoreA
ClearCommError
GetConsoleInputExeNameW
SetConsoleKeyShortcuts
GetConsoleAliasExesA
SetConsolePalette
BaseInitAppcompatCacheSupport
ShowConsoleCursor
BaseQueryModuleData
GetCalendarInfoW
IsBadHugeWritePtr
SetProcessAffinityMask
SetConsoleCursorPosition
SetLocalTime
AddConsoleAliasW

user32

MessageBoxA
GetClipboardOwner
GetClientRect
GetClipCursor
GetForegroundWindow
GetInputState
GetFocus
IsZoomed
RegisterClassA
IsWindowEnabled
LoadCursorA
CharNextW
CreatePopupMenu
IsMenu
IsRectEmpty
GetMenuDefaultItem
GetCursor
GetWindowModuleFileNameW
GetCursorPos
GetLastInputInfo
LoadIconA
IsCharUpperW
GetShellWindow
GetWindowLongW
GetWindowRect
IntersectRect
CreateMenu
GetMenuInfo
GetClipboardViewer
GetDesktopWindow
GetWindow
IsChild
GetTopWindow

gdi32

GetStockObject

advapi32

CredFree
CredMarshalCredentialA

mprapi

MprInfoBlockSet
MprAdminUserReadProfFlags
MprConfigInterfaceTransportSetInfo
MprAdminMIBEntryGetNext
MprConfigInterfaceTransportGetHandle
MprConfigServerRestore
MprConfigInterfaceGetInfo
MprAdminDeregisterConnectionNotification
MprPortSetUsage
MprConfigInterfaceTransportGetInfo
MprDomainQueryRasServer
MprConfigTransportDelete
MprGetUsrParams
MprInfoDuplicate
MprConfigGetGuidName
MprConfigGetFriendlyName
MprAdminIsDomainRasServer
MprConfigInterfaceTransportRemove
MprAdminServerGetCredentials
MprAdminInterfaceTransportSetInfo
MprAdminPortGetInfo
MprAdminInterfaceEnum
MprAdminPortEnum
MprConfigInterfaceTransportAdd
MprConfigTransportCreate
MprAdminIsServiceRunning
MprAdminConnectionGetInfo
MprAdminInterfaceTransportRemove
MprAdminUserClose
MprConfigServerConnect
MprAdminConnectionClearStats
MprConfigServerDisconnect
MprAdminMIBEntrySet
MprAdminInterfaceConnect
MprAdminInterfaceUpdatePhonebookInfo
MprAdminGetErrorString

Exports

Exports

ActivexOtherKeep
BackupPossible
BitPointer
SystemUnicodeCalendar
ToolBuildStart

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9ad4cc2682fdb33b3e32bed7587a3e9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

mprapi

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 94KB - Virtual size: 98KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 94KB - Virtual size: 98KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 1KB - Virtual size: 1KB