7a25b3f4a80d3b2140be70ca6916060e8a0d1d31e1e23a78c0508f42e02a6952

Sharing

Copy URL Twitter E-mail

General

Target

7a25b3f4a80d3b2140be70ca6916060e8a0d1d31e1e23a78c0508f42e02a6952
Size

197KB
MD5

80eacfea8145c5f005b2bfd590e17636
SHA1

4738e0a40704aeb41ed398cb698456b46910d415
SHA256

7a25b3f4a80d3b2140be70ca6916060e8a0d1d31e1e23a78c0508f42e02a6952
SHA512

ab5d04dcd535a021588489d0653c98d3a61be270f215314120f863f956286813b637c041f2cecb8d6e5b331860c6942df22867be6dd8465cd0f9db5f7517d377
SSDEEP

6144:UdAwMwPOInjZ5O/ETVxz7gwfbUp4ZpaFqqDLuJ0:UdAwMwHnauJ7hUp4ZrqnuJ0

Score

N/A

Malware Config

Signatures

Files

7a25b3f4a80d3b2140be70ca6916060e8a0d1d31e1e23a78c0508f42e02a6952
.dll windows x86

16d96ad56ec9d399552cb8007322fa75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetProfileStringA
DeleteFileW
DeleteFileA
CreateDirectoryW
CreateDirectoryA
GetSystemDirectoryA
GetProfileStringW
FindClose
LoadLibraryExA
OutputDebugStringW
FindFirstFileW
FindNextFileW
GetLogicalDriveStringsW
LoadLibraryA
lstrlenW
WideCharToMultiByte
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsGetValue
GetStdHandle
GetACP
GetOEMCP
WriteFile
VerLanguageNameW
FlushFileBuffers
SetStdHandle
GetSystemInfo
VirtualQuery
InterlockedIncrement
InterlockedDecrement
lstrlenA
HeapDestroy
GlobalUnlock
GlobalLock
lstrcpynA
SizeofResource
LoadResource
FindResourceA
lstrcpyA
lstrcatA
GlobalFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
lstrcmpiA
InterlockedCompareExchange
InterlockedExchange
GetComputerNameW
VerLanguageNameA
SetErrorMode
GetModuleFileNameA
DisableThreadLibraryCalls
GetVersionExA
GetDateFormatA
GetThreadLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
GetTempFileNameA
GetTempPathA
GetSystemDirectoryW
FreeLibrary
FormatMessageW
LoadLibraryExW
CloseHandle
SetEvent
GetProcAddress
lstrcpyW
Sleep
LoadLibraryW
GetCurrentThread
CreateThread
GetModuleHandleW
GetCurrentProcess
TerminateThread
LocalAlloc
LocalFree
FindAtomA
DeleteAtom
GetCommandLineA
VirtualAlloc
VirtualProtect

user32

MessageBoxW
EnableWindow
SetWindowLongA
LoadStringA
SendMessageW
CharNextA
SetDlgItemInt
RegisterClipboardFormatA
GetWindowRect
GetDlgItem
SendMessageA
LoadCursorA
GetWindow
CharUpperBuffW
GetActiveWindow
wsprintfA
EndDialog
SetFocus
SetCursor
DialogBoxParamW
ShowWindow
PostMessageA
IsWindow
SetWindowTextW
SetWindowTextA
GetWindowLongA
GetWindowTextW
LoadStringW
GetDesktopWindow
MoveWindow
GetSystemMetrics
GetWindowTextA
GetParent
GetDlgCtrlID
MessageBoxA
DialogBoxParamA

advapi32

LookupAccountSidW
GetLengthSid
CopySid
OpenProcessToken
OpenThreadToken
RegCloseKey
SetServiceStatus
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegFlushKey
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumValueW
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyW
RegEnumKeyExW
RegGetKeySecurity
RegConnectRegistryW
RegSaveKeyW
RegUnLoadKeyW
RegSetKeySecurity
RegQueryInfoKeyW
RegSetValueExW
RegLoadKeyW
RegDeleteKeyW
InitializeSecurityDescriptor
GetTokenInformation

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

rpcrt4

I_RpcMapWin32Status
RpcRevertToSelf
RpcImpersonateClient

msvcrt

free
_wcsnicmp
fopen
_winmajor
_wsplitpath
wcsncmp
wcsrchr
_errno
calloc
_fullpath
_wfullpath
_access
_waccess
_open
_wopen
_close
iswctype
_snwprintf
_wmakepath
sprintf
_splitpath
wcschr
_ltow
wcstol
fclose
fprintf
memset
memcpy
realloc
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
malloc
_wcsicmp
memmove
wcscpy
wcslen
wcscmp
wcsncpy
wcscat
wcsncat
swprintf
_except_handler3
__CxxFrameHandler

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16d96ad56ec9d399552cb8007322fa75

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 61KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 61KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB