e85c84ee9b258ed948fe3040f71be7e972c3cb45194e5cc4d8d0c8c523f56a1b

Sharing

Copy URL Twitter E-mail

General

Target

e85c84ee9b258ed948fe3040f71be7e972c3cb45194e5cc4d8d0c8c523f56a1b
Size

61KB
MD5

6357e5cabffa37e82f3b56163027d8c5
SHA1

06bd2fc8d830bb4550ed0e4cdb2f6993355cc069
SHA256

e85c84ee9b258ed948fe3040f71be7e972c3cb45194e5cc4d8d0c8c523f56a1b
SHA512

05ee07853c024e2726fbe64f410e607d791c01f1ea0117dbcc2d5c588277f13d7c9d7a98de1201de19e1de80cc25b5fceee5ade9a98ccb5e683eccd5781e71c1
SSDEEP

768:wZWRmgvy30OR7tutnqFc7czjKry4YExUZQGhg/BBt8lAMWx7keIDPjMmN:wFgKHR4tngYxuQGhg5olXWgjNN

Score

N/A

Malware Config

Signatures

Files

e85c84ee9b258ed948fe3040f71be7e972c3cb45194e5cc4d8d0c8c523f56a1b
.dll windows x86

3edce4617873fd8c5ba9ceaa4d272068

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??1type_info@@UAE@XZ
strcpy
atoi
towlower
tolower
wcsrchr
__dllonexit
rand
srand
_itow
strlen
mbstowcs
strtok
wcstombs
memset
free
malloc
_itoa
??3@YAXPAX@Z
??2@YAPAXI@Z
memcmp
memmove
??_U@YAPAXI@Z
_onexit
_XcptFilter
_initterm
_local_unwind2
_except_handler3
_amsg_exit
_adjust_fdiv
?terminate@@YAXXZ
??_V@YAXPAX@Z
memcpy
_CxxThrowException

kernel32

GetFileSize
VirtualAlloc
ReadFile
VirtualFree
CreateThread
GetModuleFileNameW
lstrcpyW
lstrlenW
OpenMutexW
WaitForSingleObject
WaitForMultipleObjects
GetExitCodeThread
SetFilePointer
SetEndOfFile
CreateMutexW
ReleaseMutex
GetModuleFileNameA
DisableThreadLibraryCalls
ExitProcess
LoadLibraryW
Sleep
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
lstrcatW
LeaveCriticalSection
GetCurrentThreadId
FlushFileBuffers
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleA
OpenProcess
RaiseException
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
VirtualFreeEx
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
GetCurrentProcess
FreeLibrary
LoadLibraryA
lstrcmpiW
GetWindowsDirectoryA
GetVolumeInformationA
GetSystemTime
SystemTimeToFileTime
GetTickCount
GetLogicalDriveStringsW
GetDriveTypeW
DeleteFileW
CreateDirectoryW
LocalFree
CreateProcessW
OpenMutexA
OpenEventA
GetCurrentThread
WriteFile
CreateEventW
TerminateProcess
DeleteFileA
WideCharToMultiByte
HeapAlloc
GetProcessHeap
HeapFree
SetFileAttributesW
InterlockedIncrement
InterlockedDecrement
GetVersion
InterlockedExchange
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetCurrentProcessId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateFileW
GetVersionExA
CloseHandle
DeviceIoControl
CreateFileA
lstrcatA
lstrcpyA
lstrlenA
TerminateThread
SetFileTime

user32

PostMessageA
CallNextHookEx
wsprintfA
CharUpperW
GetSystemMetrics
SetWindowsHookExA

advapi32

RegQueryValueExW
StartServiceA
QueryServiceStatusEx
QueryServiceConfigA
CloseServiceHandle
RegDeleteKeyW
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueW
RegDeleteValueW
ConvertSidToStringSidW
IsValidSid
SetThreadToken
GetLengthSid
SetTokenInformation
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
ChangeServiceConfigA
ControlService
OpenServiceA
OpenSCManagerA
DuplicateTokenEx
SetSecurityInfo
SetEntriesInAclA
RegCreateKeyExW
RegFlushKey
RegCloseKey
RegOpenKeyExW
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetTokenInformation
RegSetValueExW

shell32

SHGetFolderPathA
SHGetFolderPathW

ole32

CoCreateGuid
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree

oleaut32

SysStringLen
SysAllocString
SysFreeString
VariantClear
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
a
s

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3edce4617873fd8c5ba9ceaa4d272068

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 1024B - Virtual size: 50KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 50KB

.reloc
Size: 4KB - Virtual size: 3KB