ef74ea018f66968999962ca27def1961713566f5b7fe4d9e60ec4a409a0a3cba

Sharing

Copy URL Twitter E-mail

General

Target

ef74ea018f66968999962ca27def1961713566f5b7fe4d9e60ec4a409a0a3cba
Size

121KB
MD5

6ab363f852c9920c761fdf085205ea3d
SHA1

e4ce14bb01ecda05d6f8e60be435d3e10c54f912
SHA256

ef74ea018f66968999962ca27def1961713566f5b7fe4d9e60ec4a409a0a3cba
SHA512

e56f0a3302b18ff2a1826c0bb4aefd74f1afdee5bf68d47bb99930b0afdb95d60215f00425efc439c8694ffc297f0c00eed94a31287aa818afb5157404c00c98
SSDEEP

3072:Zoo1DBiTNqOmwX0Q/sAgaKIlM9qjwP33fVPn8Wb:h1VVwEQ/sA0IlMMjm33fx

Score

N/A

Malware Config

Signatures

Files

ef74ea018f66968999962ca27def1961713566f5b7fe4d9e60ec4a409a0a3cba
.dll windows x86

5c4a6c3f1ef3ca8d9a97f8ec90892975

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
LocalFree
CreateFileW
LocalAlloc
CloseHandle
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
SetFilePointer
GetFileType
WriteFile
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
LoadLibraryExW
GetDiskFreeSpaceA
MulDiv
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetLocalTime
GetVolumeInformationA
GetSystemTimeAsFileTime
FindNextFileA
GetSystemDirectoryA
FindClose
DefineDosDeviceW
SetFileAttributesA
GetDriveTypeA
SetErrorMode
InterlockedDecrement
GetVersionExA
GetWindowsDirectoryA
GetFileAttributesA
lstrcmpA
WritePrivateProfileSectionA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcmpiA
GetModuleFileNameA
CopyFileA
lstrlenA
GetTickCount
GetSystemDefaultUILanguage
FindFirstFileA
EnterCriticalSection
LeaveCriticalSection
ResetEvent
CreateFileA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ReadFile
lstrcmpW
GetTempPathW
DeleteFileW
DeviceIoControl
GetProcAddress
LoadLibraryW
SetLastError
OutputDebugStringA
LoadLibraryA
FreeLibrary
GlobalFree
GetCommandLineA
GlobalAlloc
MultiByteToWideChar
VirtualProtect

user32

MsgWaitForMultipleObjects
CheckDlgButton
GetDlgItem
EnableWindow
PeekMessageW
LoadStringW
MessageBoxW
WinHelpW
GetParent
DispatchMessageW
TranslateMessage
CharToOemW
GetDlgItemTextW
SetFocus
MessageBoxA
CharPrevA
CharNextA
DispatchMessageA
PeekMessageA
LoadStringA
ShowWindow
CheckRadioButton
GetSystemMetrics
LoadImageW
SendDlgItemMessageW
SetDlgItemTextW
SetWindowLongW
GetWindowLongW
wsprintfW
SendMessageW

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
TraceMessage
RegOpenKeyExA
RegEnumValueA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExW
FreeSid

ole32

CreateBindCtx
CoTaskMemAlloc
CoTaskMemFree

msvcr71

_onexit
memmove
bsearch
_wcsnicmp
realloc
_initterm
_adjust_fdiv
calloc
memset
_vsnprintf
malloc
_XcptFilter
free
memcpy
_wcsicmp
_vsnwprintf
_except_handler3
_ismbcdigit
__CppXcptFilter
__dllonexit
_purecall

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c4a6c3f1ef3ca8d9a97f8ec90892975

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcr71

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 3KB - Virtual size: 2KB