2f3fceeb43c2581c83dc0fe85314516cc135457a571a960700071ee6b16cc585

Sharing

Copy URL Twitter E-mail

General

Target

2f3fceeb43c2581c83dc0fe85314516cc135457a571a960700071ee6b16cc585
Size

84KB
MD5

5be4942e5bdcf02e57a6f5431d32d50b
SHA1

7ba83dbdcefe5c92331e59d5fddc3c767b74a844
SHA256

2f3fceeb43c2581c83dc0fe85314516cc135457a571a960700071ee6b16cc585
SHA512

d26d451314433d5d91b6f8a2ad44c637bad511339488db3ee69ecff217d353e2208f602964c03bc26a39e56507a7a00452b05523592655863a568a265f23a0b8
SSDEEP

1536:SmypkMsuPG+8+nI5LoXFDFzVHAsEi9jbI+PbgR2:rpuDhOLGDFpgk9jbI+DgR

Score

N/A

Malware Config

Signatures

Files

2f3fceeb43c2581c83dc0fe85314516cc135457a571a960700071ee6b16cc585
.dll windows x86

34f7e3e83c53cedbb2f11d979c5f0682

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileInformationByHandle
SetMailslotInfo
GetCurrencyFormatA
CreateConsoleScreenBuffer
IsBadHugeReadPtr
CreateNamedPipeW
GetProfileIntA
SuspendThread
ConnectNamedPipe
GetTempFileNameA
FindFirstFileExW
GetLargestConsoleWindowSize
IsDBCSLeadByteEx
GetTimeFormatW
GetLogicalDriveStringsW
TransmitCommChar
GetCommConfig
GlobalFindAtomA
WaitNamedPipeW
SetFileAttributesA
GetTimeZoneInformation
GetVolumeNameForVolumeMountPointW
CancelWaitableTimer
FindNextVolumeW
GetStringTypeExW
TryEnterCriticalSection
PeekConsoleInputW
GlobalFree
FreeEnvironmentStringsW
GetOverlappedResult
LCMapStringW
GetBinaryTypeW
FileTimeToDosDateTime
GetStringTypeA
GetVersionExA
GetVolumePathNameW
LocalSize
GetComputerNameA
OpenMutexA
CompareStringA
HeapLock
CreateTimerQueue
BackupRead
DeleteFileA
TransactNamedPipe
CreateMutexA
SizeofResource
FindResourceA
LCMapStringA
GetUserDefaultLCID
EnumUILanguagesW
ResetEvent
GetTimeFormatA
lstrcmpW
LocalLock
FreeConsole
GetStdHandle
GetBinaryTypeA
HeapValidate
FileTimeToSystemTime
ReadFile
WaitCommEvent
FindAtomW
IsProcessorFeaturePresent
GetCommState
GetCommMask
FindActCtxSectionStringW
HeapSize
EnumResourceNamesA
EnumResourceLanguagesW
GetAtomNameW
FindResourceExW
GetCommProperties
ClearCommError
WriteConsoleA
LeaveCriticalSection
ExitProcess
CreateProcessA
lstrlenA
Sleep
SetEvent
GetModuleHandleA
LoadLibraryA
GetProcAddress
InterlockedIncrement
GetTickCount
GetModuleFileNameA
WriteFile
GetLastError
GetSystemDirectoryA
VirtualProtect
VirtualQuery
GetTempFileNameW
InterlockedCompareExchange

ole32

IIDFromString
CreateOleAdviseHolder
CoMarshalInterThreadInterfaceInStream
StgCreateDocfileOnILockBytes
CreateFileMoniker
CoUnmarshalInterface
CoCreateInstanceEx
CoSetProxyBlanket
CoEnableCallCancellation
CoAddRefServerProcess
CoImpersonateClient
OleCreateLinkToFile
CoGetInterfaceAndReleaseStream
OleTranslateAccelerator
CoLockObjectExternal
CoGetClassObject
BindMoniker
OleDuplicateData
CoTaskMemFree
CLSIDFromString

oleaut32

SysReAllocString
SysStringLen
SysAllocString

shlwapi

PathCompactPathW
SHAutoComplete
PathGetDriveNumberW
PathBuildRootW
StrFormatKBSizeW
SHRegSetUSValueW
SHSetValueW
PathIsDirectoryW
StrRChrW
PathIsUNCW
PathFindFileNameA
UrlEscapeW
PathStripToRootW
SHRegGetBoolUSValueW
StrChrW
StrCmpIW
StrRetToStrW

advapi32

RegSetValueExA
GetSecurityDescriptorSacl
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegFlushKey
ChangeServiceConfigW
EnumServicesStatusW
ReportEventA
ChangeServiceConfig2W
RegReplaceKeyW
GetUserNameA
SetTokenInformation
EnumDependentServicesW
RegSetValueA
QueryServiceStatus
CredGetSessionTypes
CredDeleteW
InitiateSystemShutdownExW
RegQueryInfoKeyW
CredFree
EnumDependentServicesA
InitiateSystemShutdownW
RegLoadKeyW
ImpersonateSelf
RegOpenKeyExW
DeregisterEventSource
RegUnLoadKeyW
RegQueryValueExA

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34f7e3e83c53cedbb2f11d979c5f0682

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 2KB