27d1ddd62cf098ed72ab38114a0c49ebdc01ca1699daf3780c0a8b8b5d785171

Sharing

Copy URL Twitter E-mail

General

Target

27d1ddd62cf098ed72ab38114a0c49ebdc01ca1699daf3780c0a8b8b5d785171
Size

132KB
MD5

43ce2cc0bf8390be2c3314e885282df0
SHA1

ba3da9248c1585ceab6612528c87d8eea9d75019
SHA256

27d1ddd62cf098ed72ab38114a0c49ebdc01ca1699daf3780c0a8b8b5d785171
SHA512

44506853619b2f426cbdb842fd5e2854c97306cd23328a70570a295173c5afbbf5cad088e52175c2b58cae3a2f754413b3921b83d928ac817a3c8ef41e6dec55
SSDEEP

3072:UL9pfVriqDB4y55U5BkJsoThq+1erHoaXEMGjzlF:k9VNi26shq+crn0MGjBF

Score

N/A

Malware Config

Signatures

Files

27d1ddd62cf098ed72ab38114a0c49ebdc01ca1699daf3780c0a8b8b5d785171
.dll windows x86

1bb4885267d9551080ff03ebc516ffbd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
GetOEMCP
GetACP
lstrcatA
GetLocaleInfoA
GetCPInfo
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
VirtualQuery
InterlockedExchange
RtlUnwind
CreateFileA
GetModuleFileNameA
SetFilePointer
GetFileSize
CloseHandle
lstrcpyA
InitializeCriticalSection
WriteFile
lstrlenA
LoadLibraryA
GetProcAddress
FreeLibrary
ReadFile
HeapFree
ExitProcess
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter

user32

SendMessageA
MessageBoxA
GetDesktopWindow
DialogBoxParamA
EnableWindow
ShowWindow
SetForegroundWindow
GetDlgItem
SetFocus
CreateDialogParamA
LoadCursorA
SetCursor
DestroyWindow
EndDialog
CharNextA
GetWindowTextA
SetWindowTextA
LoadStringA
PeekMessageA
TranslateMessage
DispatchMessageA
PostMessageA

gdi32

GetDeviceCaps
StartDocA
StartPage
EndPage
EndDoc
DeleteDC
SetMapMode

comdlg32

PrintDlgA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

Exports

Exports

EBUEula
_EBUEula@16

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1bb4885267d9551080ff03ebc516ffbd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 16KB - Virtual size: 13KB

.reloc Size: 8KB - Virtual size: 4KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 16KB - Virtual size: 13KB

.reloc
Size: 8KB - Virtual size: 4KB

.rmnet
Size: 60KB - Virtual size: 60KB