17d176d134b097dc36214397ac838a7ad9a56d613a584bf621a050f19dc93e16

Sharing

Copy URL Twitter E-mail

General

Target

17d176d134b097dc36214397ac838a7ad9a56d613a584bf621a050f19dc93e16
Size

197KB
MD5

1cfc9fd4d8c157bb2ded97ff8afde521
SHA1

8a99987821e739509d56f1416cd6d5769ed387f9
SHA256

17d176d134b097dc36214397ac838a7ad9a56d613a584bf621a050f19dc93e16
SHA512

85e4819a963fd915deb0468aee5b65d74087adc3b535c6f9e468af81d0e2f805a36e7141692676bcd6c7280c780126ffa7c091d393ad262ac80583240d17d34b
SSDEEP

6144:Ud8wMwjvOInjZ5O/ETCz7/wfbgMddZmaFqqDLuR0:Ud8wMwDnaF7CgqdZkqnuR0

Score

N/A

Malware Config

Signatures

Files

17d176d134b097dc36214397ac838a7ad9a56d613a584bf621a050f19dc93e16
.dll windows x86

16d96ad56ec9d399552cb8007322fa75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetProfileStringA
DeleteFileW
DeleteFileA
CreateDirectoryW
CreateDirectoryA
GetSystemDirectoryA
GetProfileStringW
FindClose
LoadLibraryExA
OutputDebugStringW
FindFirstFileW
FindNextFileW
GetLogicalDriveStringsW
LoadLibraryA
lstrlenW
WideCharToMultiByte
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsGetValue
GetStdHandle
GetACP
GetOEMCP
WriteFile
VerLanguageNameW
FlushFileBuffers
SetStdHandle
GetSystemInfo
VirtualQuery
InterlockedIncrement
InterlockedDecrement
lstrlenA
HeapDestroy
GlobalUnlock
GlobalLock
lstrcpynA
SizeofResource
LoadResource
FindResourceA
lstrcpyA
lstrcatA
GlobalFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
lstrcmpiA
InterlockedCompareExchange
InterlockedExchange
GetComputerNameW
VerLanguageNameA
SetErrorMode
GetModuleFileNameA
DisableThreadLibraryCalls
GetVersionExA
GetDateFormatA
GetThreadLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
GetTempFileNameA
GetTempPathA
GetSystemDirectoryW
FreeLibrary
FormatMessageW
LoadLibraryExW
CloseHandle
SetEvent
GetProcAddress
lstrcpyW
Sleep
LoadLibraryW
GetCurrentThread
CreateThread
GetModuleHandleW
GetCurrentProcess
TerminateThread
LocalAlloc
LocalFree
FindAtomA
DeleteAtom
GetCommandLineA
VirtualAlloc
VirtualProtect

user32

MessageBoxW
EnableWindow
SetWindowLongA
LoadStringA
SendMessageW
CharNextA
SetDlgItemInt
RegisterClipboardFormatA
GetWindowRect
GetDlgItem
SendMessageA
LoadCursorA
GetWindow
CharUpperBuffW
GetActiveWindow
wsprintfA
EndDialog
SetFocus
SetCursor
DialogBoxParamW
ShowWindow
PostMessageA
IsWindow
SetWindowTextW
SetWindowTextA
GetWindowLongA
GetWindowTextW
LoadStringW
GetDesktopWindow
MoveWindow
GetSystemMetrics
GetWindowTextA
GetParent
GetDlgCtrlID
MessageBoxA
DialogBoxParamA

advapi32

LookupAccountSidW
GetLengthSid
CopySid
OpenProcessToken
OpenThreadToken
RegCloseKey
SetServiceStatus
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegFlushKey
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumValueW
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyW
RegEnumKeyExW
RegGetKeySecurity
RegConnectRegistryW
RegSaveKeyW
RegUnLoadKeyW
RegSetKeySecurity
RegQueryInfoKeyW
RegSetValueExW
RegLoadKeyW
RegDeleteKeyW
InitializeSecurityDescriptor
GetTokenInformation

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

rpcrt4

I_RpcMapWin32Status
RpcRevertToSelf
RpcImpersonateClient

msvcrt

free
_wcsnicmp
fopen
_winmajor
_wsplitpath
wcsncmp
wcsrchr
_errno
calloc
_fullpath
_wfullpath
_access
_waccess
_open
_wopen
_close
iswctype
_snwprintf
_wmakepath
sprintf
_splitpath
wcschr
_ltow
wcstol
fclose
fprintf
memset
memcpy
realloc
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
malloc
_wcsicmp
memmove
wcscpy
wcslen
wcscmp
wcsncpy
wcscat
wcsncat
swprintf
_except_handler3
__CxxFrameHandler

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16d96ad56ec9d399552cb8007322fa75

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 61KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 61KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB