ff897fed6b85dc4a6c63c4fa10c2f7dae479e71752b9bfbb13b884149e2b6646

Sharing

Copy URL Twitter E-mail

General

Target

ff897fed6b85dc4a6c63c4fa10c2f7dae479e71752b9bfbb13b884149e2b6646
Size

59KB
MD5

20d9b80a0c841e305721558763529885
SHA1

64a15a28b966b3e52fa9df65ee4222b06122c8be
SHA256

ff897fed6b85dc4a6c63c4fa10c2f7dae479e71752b9bfbb13b884149e2b6646
SHA512

c53b30048d595512ee1cbe71e2fb6c49685b108a145f17101ec70a27eab9c2df8e5742671c1da234a40df09acadd33afbc1b3ccd90f299dbe792dadc5a2639ed
SSDEEP

1536:ktfpsX9GCenm9lwcQMGkPU1GWihPfqjIgdRmy3rEIOoFw:mCE1nmHwnbkPSGWihPSjIKoh

Score

N/A

Malware Config

Signatures

Files

ff897fed6b85dc4a6c63c4fa10c2f7dae479e71752b9bfbb13b884149e2b6646
.dll windows x86

12ab6020ace6dd5178805c6bc0df64fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
ClearCommBreak
GetStdHandle
CreateDirectoryW
FindFirstVolumeA
CreateDirectoryExW
lstrcmpiA
HeapCompact
GetNumberOfConsoleMouseButtons
CreateDirectoryExA
GetOEMCP
SearchPathA
CallNamedPipeA
EnumUILanguagesW
EraseTape
FatalAppExitA
WritePrivateProfileSectionA
EnumSystemLocalesW
IsDBCSLeadByte
GetCommandLineW
SetFileAttributesW
CreateThread
GlobalDeleteAtom
UnhandledExceptionFilter
GetLastError
ReplaceFileW
Heap32ListNext
EscapeCommFunction
HeapValidate

msvcrt

_ui64tow
_wputenv
_adj_fprem
wcscmp
_local_unwind2
time
getc
gmtime
atoi
wcslen
_mbsncat
iswpunct
strncmp
_wstat
wcscat
memset
_mbsnccnt
strpbrk
_ismbchira
strcspn

gdi32

Polygon
GetGlyphOutlineWow
SetICMProfileA
GdiPrinterThunk
GdiFullscreenControl
SetPixelFormat
PlayMetaFile
TextOutW
EngCreateDeviceBitmap
GdiEndDocEMF
CreateDIBPatternBrushPt
GetTextAlign
GdiPlayDCScript
SetMapMode
ResetDCA
DeviceCapabilitiesExA
GetGlyphIndicesW
MoveToEx
GetWinMetaFileBits
GetAspectRatioFilterEx
SetColorSpace
IntersectClipRect
SetGraphicsMode
GetICMProfileW
TextOutA
GdiValidateHandle

user32

ToAscii
SetTaskmanWindow
MapVirtualKeyExA
TranslateMessageEx
SetClassWord
GetWindowModuleFileNameA
SetClassLongW
EnumPropsW
EnumPropsExW
ValidateRgn
WindowFromPoint
SetMenuItemBitmaps
GetDCEx
CreateWindowExW
SetWindowsHookW
WINNLSEnableIME
GetSysColor
DeregisterShellHookWindow
DlgDirSelectComboBoxExA
CloseWindow
GetMenuStringW
GetMenuInfo
GetTopWindow
BeginPaint
IsZoomed

shlwapi

PathIsURLA
PathStripToRootA
PathUnquoteSpacesA
PathUnmakeSystemFolderA
PathStripPathA
PathFindExtensionA
PathIsUNCServerShareA
StrStrIA
SHRegGetBoolUSValueW
StrStrW
SHCreateStreamOnFileA
SHStrDupW
UrlIsW
StrRetToStrA
PathCanonicalizeA
StrIsIntlEqualW
StrCatBuffA
StrCatBuffW
PathStripPathW
PathCombineA

Exports

Exports

CzoCbmt
AvhGdutwa
OaGwzulOmgyzMzbyytcVbn
XmjqysvVvniYgrpZw
ChnLvvxoht
NwiXssnscbYlhvpcb
XxnVgbwwjoFmkuwwoOnddNpw
KyuspnmDhkftbx

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12ab6020ace6dd5178805c6bc0df64fc

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

shlwapi

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 1024B - Virtual size: 736B

.reloc Size: 512B - Virtual size: 16B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 1024B - Virtual size: 736B

.reloc
Size: 512B - Virtual size: 16B