89ee47ca7e45f58f64a2d660245293a6038edcb62a16ccbc37d9f8c9cb8cc8b5

Sharing

Copy URL Twitter E-mail

General

Target

89ee47ca7e45f58f64a2d660245293a6038edcb62a16ccbc37d9f8c9cb8cc8b5
Size

440KB
MD5

6bfe38777ab63c1f5afa4f4d387e3e33
SHA1

194514ea6a62b9d54f2b5a293fee56b4eeaf8503
SHA256

89ee47ca7e45f58f64a2d660245293a6038edcb62a16ccbc37d9f8c9cb8cc8b5
SHA512

e350aa352d243977dee3bed77d03bde9491c9c729c8632cc7ecd58e04ae045c27f98a2766c6c143fc06ee8c36bc9caf0cbb28deb532101037c97dd0003ae47fb
SSDEEP

12288:PYhE/SGvmabJilfq5ZtyCVTK2M0/j2Uy4VnIJtqwm5DoykV/J+kTH17sHBZ2/rj:PGE/SGvi26Tm5DqTH17sHBML7a8QFl1n

Score

N/A

Malware Config

Signatures

Files

89ee47ca7e45f58f64a2d660245293a6038edcb62a16ccbc37d9f8c9cb8cc8b5
.dll windows x86

f8753e607c65918b466a6eee15312717

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

_adjust_fdiv
_chmod
rename
__dllonexit
_initterm
_onexit
isdigit
_mbctype
??3@YAXPAX@Z
rand
memmove
strchr
_stricmp
strftime
_iob
fprintf
__CxxFrameHandler
difftime
time
strncpy
localtime
mktime
sprintf
strstr
printf
atol
_purecall
atoi
_ismbcspace
_vsnprintf
free
realloc
_lseeki64
malloc
_telli64
_errno
_chsize
_fstat
isspace
iscntrl
_strnicmp
strncmp
strpbrk
tolower
strrchr
getenv
??2@YAPAXI@Z
_stat
_strcmpi
_putenv
_sopen
_unlink
_write
_read
_tell
_lseek
_chdir
_open
_creat
_close
_mkdir
_rmdir
_getcwd

ole32

CoCreateInstance
CoInitialize
CoUninitialize

user32

wsprintfA
CharLowerA
SendMessageTimeoutA
EnumWindows
GetSystemMetrics
GetWindowLongA
SetWindowLongA
DestroyIcon
SystemParametersInfoA
SetWindowPos
SetForegroundWindow
CharNextA
CharPrevA
DdeDisconnect
DdeGetLastError
DdeConnect
DdeCreateStringHandleA
DdeFreeStringHandle
DdeInitializeA
DdeUninitialize
DdeFreeDataHandle
DdeGetData
DdeClientTransaction
FindWindowA

advapi32

RegEnumValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyA
RegSetValueA
RegEnumKeyExA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

shell32

SHChangeNotify
ExtractIconExA

kernel32

GetDiskFreeSpaceA
GetShortPathNameA
WideCharToMultiByte
GetTickCount
MultiByteToWideChar
DeleteFileA
GlobalMemoryStatus
CopyFileA
CreateMutexA
GetLastError
Sleep
GetPrivateProfileStringA
GetVersionExA
WritePrivateProfileStringA
GetWindowsDirectoryA
LoadLibraryA
GetPrivateProfileSectionNamesA
FreeLibrary
CreateFileA
GetProcAddress
ReadFile
SetFilePointer
GetFileSize
CloseHandle
InterlockedIncrement
WriteFile
WaitForSingleObject
GetModuleFileNameA
GetCurrentProcess
GetSystemDirectoryA
lstrcpynA
lstrcpyA
GetProfileStringA
GetSystemInfo
UnmapViewOfFile
WinExec
CreateFileMappingA
GetTempFileNameA
MapViewOfFile
SetProcessWorkingSetSize
lstrlenA
SetErrorMode
FindFirstFileA
FindNextFileA
FindClose
GetDriveTypeA
GetTempPathA
GetVersion
ResetEvent
SetEvent
CreateEventA
InterlockedDecrement

Exports

Exports

?DdeCallback@@YGPAUHDDEDATA__@@IIPAUHCONV__@@PAUHSZ__@@1PAU1@KK@Z
EventCallback
OnInstall
OnUninstall
RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 4KB - Virtual size: 378B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f8753e607c65918b466a6eee15312717

Headers

File Characteristics

Imports

pncrt

ole32

user32

advapi32

shell32

kernel32

Exports

Exports

Sections

.text Size: 300KB - Virtual size: 298KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 16KB - Virtual size: 20KB

_DATA Size: 4KB - Virtual size: 378B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 17KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 300KB - Virtual size: 298KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 16KB - Virtual size: 20KB

_DATA
Size: 4KB - Virtual size: 378B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 17KB

.rmnet
Size: 60KB - Virtual size: 60KB