41b74a3d4c68b9b2f6eb76586e2fd2e97f3d9330a125771a29de1df902a280c7

Sharing

Copy URL Twitter E-mail

General

Target

41b74a3d4c68b9b2f6eb76586e2fd2e97f3d9330a125771a29de1df902a280c7
Size

128KB
MD5

6f622baee5dff9cd4212c3fe4002cd92
SHA1

3e0299d79d09f2120fb5fddde1a99b9d0b37af9a
SHA256

41b74a3d4c68b9b2f6eb76586e2fd2e97f3d9330a125771a29de1df902a280c7
SHA512

33dfc320628496074ccc41d40ab4d05c0856718312ecc0e94944178645c35df4fa1d8d409c1651352991cae52e7c5ad35533393c35b9d0a43d9febe2f0ab7b28
SSDEEP

3072:qQv/2x2JidKvtCVlXImfVOrsIlOvVSbu/yf34:/v/KXjlXFusMum3

Score

N/A

Malware Config

Signatures

Files

41b74a3d4c68b9b2f6eb76586e2fd2e97f3d9330a125771a29de1df902a280c7
.dll windows x86

119d368b7ff439556c209058173c99e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
GetStdHandle
FreeLibrary
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
GetFileAttributesW
FindNextFileW
FindClose
FindFirstFileW
DeleteFileW
SetFileAttributesW
CopyFileW
CreateDirectoryW
GetSystemTimeAsFileTime
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter
LoadLibraryA
InterlockedDecrement
lstrcmpiA
lstrlenA
CreateProcessW
GetVersionExW
lstrlenW
ResetEvent
DeviceIoControl
WaitForSingleObject
GetOverlappedResult
CancelIo
AddAtomW
GetProcessHeap
InterlockedIncrement
LocalAlloc
CloseHandle
GetModuleHandleW
UnregisterWait
RegisterWaitForSingleObject
lstrcmpW
FormatMessageW
ExpandEnvironmentStringsW
GetModuleFileNameW
ProcessIdToSessionId
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
GetCPInfo
GetOEMCP
GetACP
GetSystemInfo
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
SetHandleCount
GetModuleHandleA
ExitProcess
VirtualQuery
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
RtlUnwind
HeapFree
HeapAlloc
WideCharToMultiByte
WriteFile
LocalFree
GetFileType
GetConsoleMode
GetSystemWindowsDirectoryW
VirtualProtect
CreateFileW
GetCommandLineA

user32

DispatchMessageA
MessageBoxA
PostQuitMessage
GetMessageA
LoadStringW
DestroyIcon
DestroyWindow
LoadCursorW
RegisterClassExW
SystemParametersInfoW
LoadImageW
FindWindowW
PostMessageW
AppendMenuW
IsWindowVisible
GetDoubleClickTime
RegisterHotKey
ShowWindow
GetMenuItemCount
GetMenuItemInfoW
DestroyMenu
DefWindowProcW
KillTimer
SetTimer
SendMessageW
GetSystemMetrics
NotifyWinEvent
InsertMenuItemW
CreateWindowExW
SendNotifyMessageW
EnumWindows

advapi32

RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey

gdi32

DeleteObject

ole32

CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoRegisterPSClsid

rpcrt4

NdrDllGetClassObject

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119d368b7ff439556c209058173c99e1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 72KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 72KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB