a80224dc5bb218ffa40d122944d054fb54e7d8ab8e28e33624f1d3a6fbdc93b4

Sharing

Copy URL Twitter E-mail

General

Target

a80224dc5bb218ffa40d122944d054fb54e7d8ab8e28e33624f1d3a6fbdc93b4
Size

112KB
MD5

607b3883e78674cc09b19ad4368d19df
SHA1

11b4a4d2a1593d309b5a07492404a9aff5bd1ba0
SHA256

a80224dc5bb218ffa40d122944d054fb54e7d8ab8e28e33624f1d3a6fbdc93b4
SHA512

94992a6374456326d0ad266e5017f7a456a61a257647ac7c1527751c71488380a639c0095d8c99440e4f143e97cd427760095965d477bbdbab24f9c1d2f8cd2f
SSDEEP

3072:jtT+BUQlgCIf7ouSY+5kz7cZVv+OHc3Czfuc:j6aBzzmsEuc

Score

N/A

Malware Config

Signatures

Files

a80224dc5bb218ffa40d122944d054fb54e7d8ab8e28e33624f1d3a6fbdc93b4
.dll windows x86

0e47b09f0fa75887ce3dd919cd7fc63f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetSystemTime
SetLastError
CompareStringW
HeapSetInformation
WriteFile
SetFilePointer
CreateFileW
OutputDebugStringW
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
GetProcAddress
GetFileAttributesExW
SetFileAttributesW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
FormatMessageW
InterlockedExchange
Sleep
InterlockedCompareExchange
FreeLibrary
LocalFree
lstrlenW
LocalAlloc
SetEnvironmentVariableW
GetLastError
CloseHandle
GetCommandLineW
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
CreateDirectoryW
GetFullPathNameW
GlobalFree
GetCommandLineA
VirtualProtect
MoveFileExW
GlobalAlloc

user32

SetWindowPlacement
ShowWindow
SendMessageW
LoadStringW
GetWindowPlacement
EnableWindow
SetWindowTextW
EndDialog
GetDlgItem
GetSystemMetrics

advapi32

RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey
RegCreateKeyExW
IsValidSid
GetLengthSid
LookupAccountNameW
OpenProcessToken
GetTokenInformation
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
AddAccessDeniedAce
AddAccessAllowedAce
CryptAcquireContextW
TraceMessage

msvcr71

towupper
_wcsnicmp
wcscspn
_initterm
wcscmp
_wcsicmp
_amsg_exit
_XcptFilter
_callnewh
__CppXcptFilter
_except_handler3
_vsnwprintf
memset
_itow
_cexit
_ismbblead
exit
localeconv
__mb_cur_max
fgetc
_CxxThrowException
fclose
strcspn
_errno
free
realloc
setlocale
malloc
__crtCompareStringA
_unlock
_lock
_pctype
__dllonexit
_onexit
_adjust_fdiv
memchr
memcpy
strlen
wcslen
sqrt
ldexp
atan2
iswspace
wcschr
_snwprintf

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e47b09f0fa75887ce3dd919cd7fc63f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcr71

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 36KB - Virtual size: 68KB

.rsrc Size: 4KB - Virtual size: 1024B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 36KB - Virtual size: 68KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 4KB - Virtual size: 3KB