e88eced50a916a130bc145963f019a36b4759e07e16f98f21b84969ed74550f0

Sharing

Copy URL Twitter E-mail

General

Target

e88eced50a916a130bc145963f019a36b4759e07e16f98f21b84969ed74550f0
Size

84KB
MD5

91dc47a6d45628a762827f600c0416a5
SHA1

8bff23fc8c376b967cb1750e5e71541179f4ae5f
SHA256

e88eced50a916a130bc145963f019a36b4759e07e16f98f21b84969ed74550f0
SHA512

18f07fcbec8b1d7661de2541e16ae1c394c6b969f39f570a3aa23ce6e19aada551b1855b82c4b28881c537483a3527229a5a23c9584803e1c1055836ecac1cd7
SSDEEP

1536:e+WcIDEepw/2t3itvSFTAFQMwTMeuQXEXRq7Dh00E25pORgVJ8Uv1w7x:6xER/2VituTvMwTMeuQXEXRq7Dh00E2K

Score

N/A

Malware Config

Signatures

Files

e88eced50a916a130bc145963f019a36b4759e07e16f98f21b84969ed74550f0
.dll windows x86

572676b777ee374346fa9804c2e17be8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
RegisterWaitForSingleObject
QueryPerformanceFrequency
GetModuleHandleW
SetInformationJobObject
SetHandleInformation
FreeEnvironmentStringsW
ExitThread
SetProcessWorkingSetSize
SetLocalTime
CreateMutexW
FindNextVolumeMountPointW
FindAtomW
IsValidLocale
GetConsoleMode
GetSystemDirectoryW
WriteProfileStringW
GetLocalTime
SystemTimeToTzSpecificLocalTime
GetDateFormatA
CreateToolhelp32Snapshot
CopyFileExW
DosDateTimeToFileTime
FlushFileBuffers
GetWindowsDirectoryA
LocalReAlloc
EnumResourceNamesA
UnregisterWait
FindNextFileA
lstrcmpW
lstrcpyA
InterlockedExchangeAdd
SetComputerNameA
IsDBCSLeadByte
FindResourceExW
GetFileType
GetStartupInfoW
LoadResource
ResumeThread
LocalLock
SetEnvironmentVariableW
CreateSemaphoreA
SetMailslotInfo
GetCalendarInfoW
FindNextVolumeW
DnsHostnameToComputerNameW
HeapSize
UnlockFile
FindFirstVolumeMountPointW
GetCurrentThread
GetSystemWow64DirectoryW
WaitForMultipleObjectsEx
WriteConsoleW
SetConsoleScreenBufferSize
ReadDirectoryChangesW
GlobalAddAtomA
GetVersionExW
GetCommTimeouts
IsWow64Process
GetTimeZoneInformation
HeapFree
GetProcessHeap
InterlockedExchange
CreateMutexA
CopyFileA
LoadLibraryA
GetTickCount
InterlockedDecrement
Sleep
EnterCriticalSection
WriteFile
InterlockedIncrement
CreateFileMappingA
CreateProcessA
lstrlenW
LeaveCriticalSection
MapViewOfFile
GetCommandLineA
GetVolumeInformationA
WaitForSingleObject
LocalFree
GetModuleHandleA
GetCurrentProcessId
GetProcAddress
FindNextFileW
GetModuleFileNameA

ole32

StringFromGUID2
CoEnableCallCancellation
CreateAntiMoniker
CoQueryProxyBlanket
RegisterDragDrop
CoFileTimeNow
CoAllowSetForegroundWindow
OleSetMenuDescriptor
CoRevertToSelf
CoMarshalInterface
StgOpenStorageOnILockBytes
OleLoadFromStream
OleCreateFromFile
OleDraw
GetRunningObjectTable
CoGetCallContext
OleLockRunning
CoInitialize
CoTaskMemFree

advapi32

UnlockServiceDatabase
RegConnectRegistryW
MakeSelfRelativeSD
ControlService
RegEnumKeyExA
InitiateSystemShutdownW
EnumServicesStatusA
SaferGetPolicyInformation
RegQueryInfoKeyA
GetInheritanceSourceW
EnumServicesStatusExW
MapGenericMask
CredWriteW
RegCreateKeyW
CreateProcessAsUserW
CreateProcessWithLogonW
RegisterServiceCtrlHandlerExA
RegCloseKey
CreateProcessAsUserA
SetEntriesInAclW
RegDeleteValueW
RegFlushKey
RegEnumValueA
ImpersonateNamedPipeClient

gdi32

GetROP2
SetPaletteEntries
GetRandomRgn
SetAbortProc
EnumEnhMetaFile
CreateEllipticRgnIndirect
GetCurrentObject
SetMetaRgn
CreateRoundRectRgn
GetRegionData
GetCharWidth32W
SetTextJustification
GetPixelFormat
GetTextFaceW
FlattenPath
ScaleViewportExtEx
GetKerningPairsA
GetWindowOrgEx
GetSystemPaletteUse
CreateICW
ExtTextOutA
PlayEnhMetaFileRecord
EnumMetaFile
CreateFontA
GetStockObject
SetMiterLimit
AnimatePalette
GetEnhMetaFileHeader
SetWorldTransform
GetCurrentPositionEx
GetCharWidthW
SetBkMode

Exports

Exports

HandlerMobileNotifier

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

572676b777ee374346fa9804c2e17be8

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB