99c088fac0d1260baa410226cac47547da534073e2e6e952b07b382d17143dfc

Sharing

Copy URL Twitter E-mail

General

Target

99c088fac0d1260baa410226cac47547da534073e2e6e952b07b382d17143dfc
Size

592KB
MD5

7c67985e689dd55013568ece0a4de010
SHA1

5855814a5987999f1b6463737f337d9bc0f7ba65
SHA256

99c088fac0d1260baa410226cac47547da534073e2e6e952b07b382d17143dfc
SHA512

e1d7b259ab4585fe4f7995537033a06d0fd4e3a5f2413a2dd46673473b1ad7f419daf72412a6b870b6d970317e95416eac013fdd6a0cfcb861f24edf622eddbf
SSDEEP

12288:1cAchJOAqhQgCIF223j1ysQj6KfRFwoCnz2W8WxcD+tKlat:1cRh4AqVJFdpysQ9RFwoCnn1xYs

Score

N/A

Malware Config

Signatures

Files

99c088fac0d1260baa410226cac47547da534073e2e6e952b07b382d17143dfc
.dll windows x86

da4d5c887ed7172b9a5089a2fc0a3850

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoTaskMemRealloc
CoInitialize
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc

oleaut32

SysAllocString
SysStringLen
LoadTypeLi
VarUI4FromStr
SysFreeString
UnRegisterTypeLi
RegisterTypeLi

shell32

ShellExecuteW

kernel32

RaiseException
GlobalFree
GetCurrentProcessId
LeaveCriticalSection
InterlockedDecrement
UnhandledExceptionFilter
FreeLibrary
WaitForSingleObject
VirtualAlloc
DeleteCriticalSection
Sleep
GetSystemTimeAsFileTime
GetTickCount
GetCurrentThreadId
InitializeCriticalSection
CloseHandle
LocalFree
GetModuleFileNameW
GlobalAlloc
SetUnhandledExceptionFilter
CreateMutexW
QueryPerformanceCounter
lstrcmpiW
GetModuleHandleW
GetDateFormatA
ReadFile
InterlockedIncrement
CreateFileW
GetModuleHandleA
LoadResource
GetVersionExA
DeviceIoControl
MultiByteToWideChar
TerminateProcess
GetLastError
InterlockedExchange
WideCharToMultiByte
EnterCriticalSection
lstrlenW
LocalAlloc
InterlockedCompareExchange
SetEvent

advapi32

RegQueryInfoKeyW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey

Exports

Exports

Compare
Dir
LookupError
SetVoidPtr
WriteObjectToFile
memcpy_check

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da4d5c887ed7172b9a5089a2fc0a3850

Headers

File Characteristics

Imports

ole32

oleaut32

shell32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 12KB - Virtual size: 10KB