c14ba39191b0f1356809a266a072a9c4f71e5baea2c8d013a1283dcfc317ee50

Sharing

Copy URL Twitter E-mail

General

Target

c14ba39191b0f1356809a266a072a9c4f71e5baea2c8d013a1283dcfc317ee50
Size

84KB
MD5

646450e3aa8e463835dc80f14fc645fd
SHA1

1091c7e51ab070c2cc649035a612fe9cf82e5fab
SHA256

c14ba39191b0f1356809a266a072a9c4f71e5baea2c8d013a1283dcfc317ee50
SHA512

c619975fe2bd4b043f127d838f434510c3cfe005b99b64b2e5acf65eae91b9f6a53fee3a64cbce498908c582873ffd5a4eacfc8b452748cce5f0986596aca42c
SSDEEP

1536:/VF7Ajdbt/YCysiKU8ni/4qWyQJTaADjYxuI4o2ZfjYtr7D/:/VFYYCysCq1yQoA/l5o2Zf0tnD

Score

N/A

Malware Config

Signatures

Files

c14ba39191b0f1356809a266a072a9c4f71e5baea2c8d013a1283dcfc317ee50
.dll windows x86

f3fbddae8d40f8b29987732bf50f2bb0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UpdateResourceA
GetSystemTimeAdjustment
CreateActCtxW
LCMapStringA
ReadConsoleInputA
ReplaceFileW
GetExitCodeProcess
WriteProcessMemory
GetProfileIntW
WaitForSingleObjectEx
FindNextFileW
AllocConsole
SetFileApisToOEM
CreateJobObjectW
FindNextChangeNotification
RemoveDirectoryW
CreateWaitableTimerA
GetLogicalDriveStringsW
GetModuleHandleA
OpenMutexW
GetStartupInfoA
AssignProcessToJobObject
SetMailslotInfo
EnumResourceNamesW
ChangeTimerQueueTimer
VirtualAllocEx
DnsHostnameToComputerNameW
FlushFileBuffers
LoadResource
SetVolumeLabelA
SetHandleCount
AddAtomW
GetStartupInfoW
HeapSize
ResumeThread
GlobalGetAtomNameW
GetOverlappedResult
GetEnvironmentVariableW
BeginUpdateResourceA
UnregisterWait
ClearCommBreak
GetThreadPriority
WriteConsoleA
CopyFileW
SetCommMask
GetSystemWow64DirectoryW
ReadProcessMemory
FindResourceExA
OpenFileMappingW
CreateWaitableTimerW
GetStringTypeExA
lstrcpyW
BackupWrite
lstrcatW
GetThreadTimes
GetNumberFormatA
GetTapeParameters
GetLocaleInfoW
GetLocalTime
SetCommTimeouts
GetLastError
GetSystemTimeAsFileTime
Sleep
VirtualProtect
WaitForSingleObject
EnterCriticalSection
CopyFileA
GetProcAddress
VirtualQuery
GetCurrentProcessId
GetComputerNameA
MapViewOfFile
InterlockedIncrement
LoadLibraryA
LocalFree
LeaveCriticalSection
CreateNamedPipeW

ole32

CoSwitchCallContext
OleRegEnumVerbs
CoFreeUnusedLibrariesEx
OleDraw
CoGetInterfaceAndReleaseStream
StgCreateDocfileOnILockBytes
BindMoniker
CoGetMarshalSizeMax
GetRunningObjectTable
OleCreateLinkToFile
OleDuplicateData
IIDFromString
OleCreateFromData
OleGetAutoConvert
CoInitialize
CoGetObjectContext

shlwapi

PathIsUNCServerShareW
SHDeleteValueW
StrFormatByteSizeW
AssocCreate
PathRemoveFileSpecW
StrRetToBufW
UrlCombineW
PathCreateFromUrlW
PathGetCharTypeW
PathStripPathW
StrStrIW
UrlUnescapeW

advapi32

RegFlushKey
RegCloseKey
CreateProcessWithLogonW
CreateServiceW
QueryServiceConfigW
RegEnumKeyExW
BuildExplicitAccessWithNameW
NotifyChangeEventLog
LockServiceDatabase
StartServiceCtrlDispatcherW
RegEnumKeyA
RegConnectRegistryW
OpenSCManagerA
RegRestoreKeyA
RegQueryInfoKeyA
RegDeleteValueW
QueryServiceConfigA
QueryServiceLockStatusA
GetUserNameA
ControlService
DuplicateToken
RegisterEventSourceA
RegCreateKeyA
IsTokenRestricted
RegisterServiceCtrlHandlerExW
GetNumberOfEventLogRecords
CreateProcessAsUserA
QueryServiceStatus
GetInheritanceSourceW
InitiateSystemShutdownW
CredWriteW

gdi32

GetSystemPaletteUse
WidenPath
CreateDIBPatternBrushPt
StartDocA
CreatePatternBrush
EnumFontFamiliesW
GetBrushOrgEx
ArcTo
GetTextExtentPointW
SetMetaFileBitsEx
CloseMetaFile
SelectObject
DeleteEnhMetaFile
SetPixel
RealizePalette
GetTextExtentExPointW
AddFontResourceW
FillPath
CreateFontW
CreateEllipticRgnIndirect
GetPolyFillMode
ScaleWindowExtEx
CreateDIBitmap
GetGlyphOutlineA
GetObjectA
GetCharABCWidthsW
CreateMetaFileW
StretchDIBits
CreateICW
CreateMetaFileA
CopyMetaFileW
GetClipRgn
SetPaletteEntries
SetSystemPaletteUse
GetNearestPaletteIndex
LPtoDP

Exports

Exports

SyncWebServ

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3fbddae8d40f8b29987732bf50f2bb0

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB