b32d2eacffcbe1698f2bf7b54ab7d2a5e0a589c4747b6207d76c71606e8f4910

Sharing

Copy URL Twitter E-mail

General

Target

b32d2eacffcbe1698f2bf7b54ab7d2a5e0a589c4747b6207d76c71606e8f4910
Size

320KB
MD5

929984f0a8df9b24a4147fdd4082c5b0
SHA1

c00b057e1896e1564fa3d193586a2e769a4e181c
SHA256

b32d2eacffcbe1698f2bf7b54ab7d2a5e0a589c4747b6207d76c71606e8f4910
SHA512

cca7a7d4b052a98a5e4395a8ef93042a2ddf18559c1e9bfae50a57786f434470fa212561672a3926dde70fe0be4ea2a66af5f2d587877e791bb9e2017b930040
SSDEEP

1536:cTUpuTRuJ//M5HJii5zndfqnIXz/xcYX10yn7YV9:cTUpxM5HJii5zndGu/xn10yn7s9

Score

N/A

Malware Config

Signatures

Files

b32d2eacffcbe1698f2bf7b54ab7d2a5e0a589c4747b6207d76c71606e8f4910
.dll windows x86

66a2bcf4a93bffa5a3ea80c4b34a48a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2764
ord4129
ord858
ord5710
ord535
ord356
ord2915
ord2770
ord668
ord860
ord540
ord802
ord542
ord2777
ord939
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord537
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord353
ord3318
ord5442
ord1979
ord665
ord4204
ord6662
ord4278
ord6283
ord6282
ord6569
ord6648
ord4058
ord924
ord2781
ord3178
ord3181
ord6877
ord1980
ord940
ord825
ord823
ord5683
ord859
ord4202
ord941
ord800
ord2818
ord1116

msvcrt

?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_EH_prolog
strtok
_ftol
_iob
fflush
_initterm
time
srand
sprintf
memset
free
malloc
__CxxFrameHandler
_mbscmp
printf
strcat
_adjust_fdiv
??1type_info@@UAE@XZ
strlen
atoi
_mbsrchr
strcpy
_mbsicmp
wcslen
rand
toupper
memcpy

kernel32

OpenProcess
LocalAlloc
GetTempPathA
CreateProcessA
Sleep
lstrlenA
lstrcpyA
lstrcatA
GetSystemDirectoryA
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
SetFileAttributesA
GetDiskFreeSpaceA
DeleteFileA
MoveFileA
WaitForSingleObject
SetFilePointer
WriteFile
FormatMessageA
LocalFree
lstrcmpiA
OutputDebugStringA
CreateDirectoryA
CopyFileA
CreateFileA
AreFileApisANSI
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
CreateToolhelp32Snapshot
Process32First
TerminateProcess
Process32Next
GetLogicalDriveStringsA
GetDriveTypeA
SetVolumeMountPointA
GetLastError
CloseHandle
SetPriorityClass
GetFileAttributesA
GetModuleHandleA
GetProcAddress
GetCurrentProcess

user32

FindWindowA
GetWindowThreadProcessId

advapi32

LsaQueryInformationPolicy
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegLoadKeyA
RegUnLoadKeyA
RegQueryInfoKeyA
LsaOpenPolicy
LsaClose
LsaFreeMemory
RegCloseKey

shell32

SHChangeNotify
SHGetFileInfoA
ShellExecuteA

ole32

CoCreateGuid
CoUninitialize
CoInitialize

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

shlwapi

PathFileExistsA
SHDeleteKeyA

Exports

Exports

FCB_RunDll

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66a2bcf4a93bffa5a3ea80c4b34a48a4

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

shell32

ole32

msvcp60

shlwapi

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 252KB - Virtual size: 265KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 252KB - Virtual size: 265KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB