c73197b5f5846146be14dac81644a529f8fa40c1f40083076c422bf750ab0ece

Sharing

Copy URL Twitter E-mail

General

Target

c73197b5f5846146be14dac81644a529f8fa40c1f40083076c422bf750ab0ece
Size

108KB
MD5

6725dafa4dbcc118a9bce7d63989df2b
SHA1

177d3bdc8abdebd505cef45c3ff29ef23a605970
SHA256

c73197b5f5846146be14dac81644a529f8fa40c1f40083076c422bf750ab0ece
SHA512

ebf7fe66f36eed5c100911c3abb546ba83cd8aaa293d2f9dbce7ce7239b8409bfd38266cd684206c78563278aadd257e0413835a2e6eea7a3bed78ba34d2e2e9
SSDEEP

1536:Xdq0sAcF0IASpr1lsFSta9ZotoH4eqgdYaf/GCSC9o8ACYWrG:NqhR0IhrwAta9dXddCqo8ARQG

Score

N/A

Malware Config

Signatures

Files

c73197b5f5846146be14dac81644a529f8fa40c1f40083076c422bf750ab0ece
.dll windows x86

261721a7b108f0796099b4ac92f38e66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisableThreadLibraryCalls
lstrlenA
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetShortPathNameW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
ReleaseSemaphore
IsDBCSLeadByte
TlsAlloc
GetVersionExA
ReleaseMutex
CreateMutexA
TlsFree
FreeLibrary
IsBadWritePtr
GetProfileStringA
IsBadStringPtrA
IsBadReadPtr
GlobalUnlock
GetProcAddress
TlsSetValue
GlobalLock
LockResource
GetCurrentThread
FreeResource
MultiByteToWideChar
lstrcpyA
lstrcatA
lstrcmpA
SetLastError
FindResourceA
lstrcatW
HeapDestroy
lstrcpyW
CreateEventW
WaitForSingleObject
InterlockedIncrement
InterlockedDecrement
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
lstrcmpW
GetVersionExW
WideCharToMultiByte
SetEvent
GetLastError
GetSystemTimeAsFileTime
CreateThread
LocalFree
FormatMessageW
CreateProcessW
MoveFileW
TerminateProcess
GetCurrentProcess
CompareFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
EnterCriticalSection
lstrlenW
GetModuleFileNameW
LeaveCriticalSection
CloseHandle
VirtualProtect
GlobalFree
GetCommandLineA
TlsGetValue
GlobalAlloc

user32

RegisterClassA
CharNextW
wsprintfW
LoadStringW
PostThreadMessageW
EnableWindow
SetDlgItemTextA
CreateDialogParamA
DestroyWindow
ShowCursor
DefWindowProcA
GetParent
MessageBeep
GetClassInfoA
CreateWindowExA
SetDlgItemInt
GetClientRect
LoadCursorA
LoadStringA
SetCursor

advapi32

RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
GetFileSecurityW
RegSetValueExW
RegCloseKey
RegCreateKeyW
AllocateAndInitializeSid
FreeSid
EqualSid
GetSecurityDescriptorDacl
RegCreateKeyExW
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
GetSidSubAuthority
OpenThreadToken
OpenProcessToken
RegQueryInfoKeyA

gdi32

SetAbortProc
DeleteDC
CreateDCA
GetDeviceCaps
AbortDoc
StartDocA
EndPage
EndDoc
GetICMProfileA
SetICMMode
SetICMProfileA
StartPage

ole32

StringFromGUID2
CoCreateInstance
CreateItemMoniker
CoInitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
CoUninitialize

msvcr71

free
_adjust_fdiv
wcslen
_CxxThrowException
realloc
malloc
_ftol
strncat
_onexit
_itoa
strchr
strncpy
_ultoa
_wtoi
_wcsicmp
wcscpy
_initterm
__CppXcptFilter
__dllonexit
wcsstr
_wfindnexti64
_wremove
_wsplitpath
_wfindfirsti64
_findclose
wcschr
_except_handler3

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

261721a7b108f0796099b4ac92f38e66

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 1024B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 4KB - Virtual size: 3KB