560fbada64c367ff97da676318710cb76074827119ac7bd6dc928190f4d1ddb5

Sharing

Copy URL

Twitter E-mail

General

Target

560fbada64c367ff97da676318710cb76074827119ac7bd6dc928190f4d1ddb5
Size

129KB
MD5

5162205b428a75382354883be3e7bb42
SHA1

5fb5bf1ff5975d5d6cd661905b19a7159e261b59
SHA256

560fbada64c367ff97da676318710cb76074827119ac7bd6dc928190f4d1ddb5
SHA512

3c4fc120ed1948033ea4cdb2586f4cdefaf3783492a357a3163f7859b4789a929c3e26a0996e1dcd8593a7e0a7221a1b1aef98122d15fc2d9f46230a58005def
SSDEEP

3072:vEGuwq7uHzaH82qZ8TPxcZvku9RLTDhNJoqmz/s1GaE:YwYhHqCJgvku9hTDhNJEydE

Score

N/A

Malware Config

Signatures

Files

560fbada64c367ff97da676318710cb76074827119ac7bd6dc928190f4d1ddb5
.dll windows x86

0f811fcfea7f5085e0194a8ef7e274d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
FileTimeToSystemTime
GetFileInformationByHandle
lstrcpynA
lstrlenA
FindClose
FindFirstFileA
lstrlenW
WideCharToMultiByte
MoveFileExA
FormatMessageA
IsDBCSLeadByte
CreateFileA
MultiByteToWideChar
InterlockedIncrement
GetCurrentThread
DeleteCriticalSection
FindNextFileW
GetProcAddress
lstrcmpW
BackupRead
GetFileAttributesA
FreeLibrary
LoadLibraryW
FormatMessageW
FindFirstFileW
DeleteFileW
RemoveDirectoryW
GetFileAttributesW
MoveFileW
CreateDirectoryW
SetVolumeMountPointW
SetFileAttributesW
lstrcmpiW
ReadFile
GetVolumeInformationW
GetDiskFreeSpaceExW
HeapReAlloc
WriteFile
lstrcpyW
lstrcatW
GetProcessHeap
LocalAlloc
CreateThread
SetLastError
LocalFree
GetLocalTime
InterlockedDecrement
FileTimeToLocalFileTime
UnhandledExceptionFilter
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SleepEx
GetOverlappedResult
CreateFileW
WriteFileEx
HeapFree
SetEvent
DeviceIoControl
CloseHandle
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetLastError
CreateEventW
WaitForSingleObject
ReadFileEx
GetCommandLineA
ReleaseMutex
VirtualProtect

user32

LoadStringW
wsprintfW
CharPrevA
CharLowerA
wsprintfA
SendMessageW
SendDlgItemMessageW
WinHelpW
GetParent
CheckDlgButton
EnableWindow
IsDlgButtonChecked
GetSystemMetrics
LoadImageW
MessageBoxW
SetDlgItemTextW
GetDlgItem
SetWindowLongW
ShowWindow

advapi32

RegOpenKeyExA
RegReplaceKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
AccessCheck
OpenThreadToken
RegSetValueExW
RegCloseKey
RevertToSelf
ImpersonateLoggedOnUser
LsaClose
LsaFreeMemory
LsaQueryInformationPolicy
LsaNtStatusToWinError
RegQueryValueExA
GetTokenInformation
SetNamedSecurityInfoW
SetEntriesInAclW
SetSecurityInfo
RegDeleteKeyW
SetThreadToken
LsaOpenSecret
LsaQuerySecret
RegLoadKeyW
FreeSid
AllocateAndInitializeSid
OpenProcessToken
SetFileSecurityW
RegEnumValueW
RegOpenKeyW
RegCreateKeyExW
RegUnLoadKeyW

gdi32

DeleteObject

ole32

CoCreateInstance
CoGetCallContext
CoUninitialize
CoCreateFreeThreadedMarshaler

msvcrt

_mbsrchr
strrchr
memmove
wcschr
_wcsupr
wcsstr
_wcsnicmp
_wcsicmp
wcsrchr
wcscat
swprintf
swscanf
_wtol
free
malloc
_adjust_fdiv
strpbrk
atoi
strchr
_vsnprintf
asctime
fclose
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
time
_except_handler3
_ismbblead
exit
_acmdln
_initterm
_amsg_exit
_cexit
_vsnwprintf
localtime
wcslen
_strnicmp
_strupr
strncpy
sprintf
_mbslen
_mbsicmp

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f811fcfea7f5085e0194a8ef7e274d4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcrt

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 35KB - Virtual size: 68KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 35KB - Virtual size: 68KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 6KB - Virtual size: 5KB