101b4cab2fe466985032e07fdc7d71764ac40fb04eb398365fe2968528ad97af

Sharing

Copy URL Twitter E-mail

General

Target

101b4cab2fe466985032e07fdc7d71764ac40fb04eb398365fe2968528ad97af
Size

72KB
MD5

4f02ef1ab05700c20e4beb558ddde341
SHA1

485d261befce57d79c9f5701bf72188ee24bd4df
SHA256

101b4cab2fe466985032e07fdc7d71764ac40fb04eb398365fe2968528ad97af
SHA512

eb94d5e2cd7a2e8fb7c9a30d820e0d6dded94871d10170be3cbcdb218a69d8ca84a12d1ed3358ef63fa0d7cad4669fa0b366147c8d62ca8a4a6159f8c70ec432
SSDEEP

768:jypyrvqf4DF5f2EeYS7N7368npN57KAI0QCPsPu7YnGfBEVj3PquygToByL0Vw8T:Gm84DF5ENnpN57KzIkPa46mdPaWxjrC

Score

N/A

Malware Config

Signatures

Files

101b4cab2fe466985032e07fdc7d71764ac40fb04eb398365fe2968528ad97af
.dll windows x86

3fdd82a3e532abbd09fe0afe65d1fbe8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
WinExec
GetFullPathNameW
InterlockedDecrement
GetSystemPowerStatus
GetVolumeInformationA
VerifyVersionInfoW
WaitForMultipleObjects
GetCurrentDirectoryW
SetConsoleActiveScreenBuffer
VerLanguageNameW
IsWow64Process
SetConsoleWindowInfo
BindIoCompletionCallback
VirtualAlloc
GlobalFindAtomW
IsValidLanguageGroup
CreateIoCompletionPort
FreeLibraryAndExitThread
IsValidLocale
GetModuleFileNameW
GetProfileIntW
lstrlenW
GetProcessVersion
GetLargestConsoleWindowSize
CreateDirectoryW
GetSystemTime
WriteProfileStringA
GetExitCodeProcess
GetSystemWow64DirectoryW
ReadDirectoryChangesW
LocalReAlloc
lstrcmpW
GetTempFileNameW
WaitNamedPipeW
RtlMoveMemory
QueueUserAPC
InterlockedExchangeAdd
LocalHandle
MultiByteToWideChar
GetVolumePathNamesForVolumeNameW
CreateEventA
IsBadWritePtr
HeapCreate
RemoveDirectoryW
EnterCriticalSection
HeapFree
CreateThread
VirtualQuery
InterlockedExchange
CopyFileA
ReleaseMutex
CreateProcessA
InitializeCriticalSection
CloseHandle
lstrcatW
lstrlenA
GetProcAddress
CreateMutexA
GetModuleHandleA
GetProcessHeap
UnmapViewOfFile
CreateDirectoryA
LoadLibraryA
LeaveCriticalSection
lstrcpynA
HeapAlloc

user32

GetLastActivePopup
MessageBoxExA
IsCharAlphaA
CharUpperA
GetWindow
IsCharAlphaW
EndDialog
SetSysColors
EqualRect
GrayStringA
wsprintfW
MonitorFromWindow
CloseDesktop
GetMenuStringW
CreateDialogIndirectParamA
ChildWindowFromPoint
IsMenu
OemToCharBuffA
DrawTextW
TrackPopupMenu
GetAsyncKeyState
GetScrollPos
SetWindowWord
SetRectEmpty
SetThreadDesktop
InsertMenuW
GetWindowThreadProcessId
IsWindowEnabled
GetPropW
SetWindowPos
ShowCursor
OpenWindowStationW
DrawStateA
TranslateAcceleratorW
CreateMenu
SetTimer
CallNextHookEx
KillTimer
SetWindowsHookExA
GetMessageA
SetScrollRange

gdi32

CreateBrushIndirect
CreateICW
GetDIBits
GetRandomRgn
EnumMetaFile
StartDocA
SelectObject
SetMapMode
PolyPolyline
Ellipse
CreatePalette
InvertRgn
SetMetaFileBitsEx
CreateMetaFileW
AbortDoc
SetROP2
AbortPath
FillPath
SetTextAlign
CloseMetaFile
SetGraphicsMode

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fdd82a3e532abbd09fe0afe65d1fbe8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB