e5fd003238ea3ad145f1766c6670f58c517cd21d782944a5f11a8b2782f67cda

Sharing

Copy URL Twitter E-mail

General

Target

e5fd003238ea3ad145f1766c6670f58c517cd21d782944a5f11a8b2782f67cda
Size

84KB
MD5

7a6071e850d7619bbd40c3cfab4986e6
SHA1

46ee7cdb38fc0ac4540dc1c495cc0137fbcd5a81
SHA256

e5fd003238ea3ad145f1766c6670f58c517cd21d782944a5f11a8b2782f67cda
SHA512

10499b5da35b29683f457b1735f4a191d725acf1396924fd43e86408201808a562f464eca321fadeb9f4096b3ffd1dbc069e8a166b9ee12274a7f184dcc28202
SSDEEP

1536:0oNA/O1RslAFIQkbR3I2Fu9T64OxZJ4UQ+A6QcfJV4zUS4hazRKockCwAyTAY:zNcO0axkFI6u91O/JxA6ZP4QS4hazRK6

Score

N/A

Malware Config

Signatures

Files

e5fd003238ea3ad145f1766c6670f58c517cd21d782944a5f11a8b2782f67cda
.dll windows x86

c7e483ce5f67aaea33f1423d8d1d6ac3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
SetEnvironmentVariableW
GlobalGetAtomNameA
HeapValidate
SetErrorMode
FreeConsole
GetDiskFreeSpaceW
DeleteTimerQueueTimer
ReplaceFileW
HeapUnlock
GetLogicalDrives
AllocConsole
GlobalFindAtomW
SetCommTimeouts
WriteFileEx
GetDateFormatA
GetVersionExW
GetSystemTimeAdjustment
LocalLock
CreateNamedPipeA
SetLocalTime
GetDiskFreeSpaceA
FindFirstFileA
MoveFileExA
AddAtomA
GetSystemDirectoryW
WriteConsoleW
PostQueuedCompletionStatus
GetLogicalDriveStringsA
GetTempPathW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetEnvironmentVariableA
GlobalDeleteAtom
HeapReAlloc
Beep
ReleaseSemaphore
FatalAppExitA
GetWindowsDirectoryW
CallNamedPipeA
CreateMailslotW
CreateActCtxW
CreatePipe
GetTempFileNameA
GlobalAddAtomW
CreateConsoleScreenBuffer
FindActCtxSectionStringW
LocalAlloc
lstrcmpiA
GetHandleInformation
DeleteTimerQueueEx
VirtualFree
RaiseException
CreateEventA
ChangeTimerQueueTimer
FileTimeToDosDateTime
GetSystemWindowsDirectoryA
LCMapStringA
GetProcessAffinityMask
DuplicateHandle
FlushConsoleInputBuffer
SetFilePointerEx
GlobalMemoryStatusEx
QueueUserAPC
GetCompressedFileSizeW
SetFilePointer
GetComputerNameA
LeaveCriticalSection
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleA
GetTickCount
WriteFile
GetCurrentProcessId
GetModuleFileNameA
Sleep
CreateFileA
LocalFree
GetProcAddress
GetVolumeInformationA
GetLastError
LoadLibraryA
lstrlenA
GetNumberOfConsoleInputEvents
lstrlenW

user32

IsWindow
EnumDesktopsW
GetMenuItemInfoA
GetWindowDC
GetMenuDefaultItem
GetNextDlgTabItem
GetFocus
wsprintfW
IsDialogMessageA
IsCharAlphaNumericW
DestroyCursor
GetWindowRgn
DefFrameProcA
AllowSetForegroundWindow
ShowOwnedPopups
SetRect
ShowWindowAsync
CharLowerA
FrameRect
ChangeMenuA
GetDesktopWindow
CopyIcon
MoveWindow
GetMenuState
SetThreadDesktop
CheckRadioButton
DestroyAcceleratorTable
SendMessageTimeoutA
GetForegroundWindow
CopyImage
GetClassLongA
HideCaret
SetActiveWindow
GetDC
DialogBoxIndirectParamA
CharNextExA
SetScrollInfo
NotifyWinEvent
ValidateRect
SetWindowRgn
CharNextW
SwitchToThisWindow
SetWindowTextW
CreateAcceleratorTableA
EnumThreadWindows
MonitorFromWindow
UnionRect
RemoveMenu
GetWindow
CreateDialogIndirectParamW
SetWindowLongA
GetDlgItem
GetSysColor
FindWindowExA
EnumDisplaySettingsA
VkKeyScanW
ScrollWindow
SetCapture
CreateIconIndirect
GetDlgItemTextW
IsRectEmpty
GetClassNameW
GetWindowContextHelpId
DispatchMessageW
SetTimer
UnhookWinEvent
FindWindowA
SetWinEventHook
RegisterWindowMessageA
GetMessageA
GetParent
KillTimer
RegisterClassExA
GetClassNameA
GetMessageTime

oleaut32

SysAllocStringLen
SysReAllocStringLen

advapi32

QueryServiceLockStatusA
QueryServiceConfig2W
RegLoadKeyA
RegRestoreKeyA
ImpersonateSelf
CredDeleteW
IsTextUnicode
RegSetValueW
DuplicateTokenEx
RegReplaceKeyW
GetNumberOfEventLogRecords
RegDisablePredefinedCache
LogonUserW
GetTokenInformation
RegQueryValueExW
NotifyChangeEventLog
RegOpenKeyW
RegSaveKeyW
MakeSelfRelativeSD
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegisterServiceCtrlHandlerW

shell32

SHGetFileInfoA
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHFileOperationW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListA
ShellAboutW
SHGetFolderPathA
SHFileOperationA

Exports

Exports

tapiMainsvc

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7e483ce5f67aaea33f1423d8d1d6ac3

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

advapi32

shell32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB