0848885db06711a20902d599de6b404f9a8dfa96fa410c7d74b3843f43dd9fb1

Sharing

Copy URL Twitter E-mail

General

Target

0848885db06711a20902d599de6b404f9a8dfa96fa410c7d74b3843f43dd9fb1
Size

120KB
MD5

a2154261d499dbcaca37230ad77671d5
SHA1

24d70c2356f06b6c421b51e099d2a94fecc72fd6
SHA256

0848885db06711a20902d599de6b404f9a8dfa96fa410c7d74b3843f43dd9fb1
SHA512

3741746a611a66be56be5020af2dee36a3d5d16e8a98cbe43b88cc03e5c262c14054853aed271633b9a9cdb6448f1c80b1317dea59c37b36095e6dd5ead1fe9a
SSDEEP

3072:R+sazIt8hT61GqeYaHSRw1ALW4s5Qs+f0xu74dVpOF5s:tazIt8hTiGq6S+Qso6R

Score

N/A

Malware Config

Signatures

Files

0848885db06711a20902d599de6b404f9a8dfa96fa410c7d74b3843f43dd9fb1
.dll windows x86

94bfa222fe381ddda8eaeec1b99df988

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetUserW

advapi32

RegCreateKeyW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegQueryValueExA
RegOpenKeyA
EqualSid
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountSidW
OpenThreadToken
RegDeleteKeyA
RegOpenKeyW

kernel32

FindClose
FindFirstFileW
GetFileAttributesW
CreateFileA
GetFileAttributesA
GetVersion
GetCurrentProcess
GetVersionExW
CreateEventW
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
SetEvent
TerminateThread
CreateThread
InitializeCriticalSection
UnmapViewOfFile
CreateMutexW
ReleaseMutex
VirtualAlloc
InterlockedIncrement
DeleteCriticalSection
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
DuplicateHandle
OpenProcess
WaitForMultipleObjects
OpenMutexW
SetLastError
LocalFree
FindResourceW
GetLastError
LocalAlloc
lstrlenA
lstrcmpA
GetProcAddress
GetModuleHandleA
SetThreadPriority
GetCurrentThread
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
GetModuleHandleW
LoadLibraryW
GetModuleFileNameW
OutputDebugStringA
LoadLibraryExW
FreeLibrary
lstrlenW
FileTimeToSystemTime
WriteFile
SetFilePointer
FlushFileBuffers
SetEnvironmentVariableA
VirtualFree
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
lstrcpynW
GetFullPathNameW
lstrcpynA
MultiByteToWideChar
AreFileApisANSI
GetFullPathNameA
WideCharToMultiByte
InterlockedDecrement
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
HeapSize
RaiseException
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
HeapDestroy
GetProcessHeap
GetVersionExA
GetCommandLineA
Sleep
WaitForSingleObject
CloseHandle
GetCurrentProcessId
CompareStringW
FileTimeToLocalFileTime
HeapReAlloc
RtlUnwind
HeapAlloc
HeapFree

gdi32

DeleteObject
GetObjectW
CreateCompatibleDC
SelectObject
GetDIBits
SetDIBits
DeleteDC
CreateDIBSection

Exports

Exports

DllCanUnloadNow
DllGetClassObject
ESS_ShellExtension_install
ESS_ShellExtension_uninstall

Sections

.text
Size: 90KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 183B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94bfa222fe381ddda8eaeec1b99df988

Headers

File Characteristics

Imports

mpr

advapi32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 160KB

.bss Size: - Virtual size: 192KB

.pdata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 183B

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 90KB - Virtual size: 160KB

.bss
Size: - Virtual size: 192KB

.pdata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 183B

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 20KB - Virtual size: 20KB