3971501f60bf0550a5d732bd1778cab20caa97ffeb2f64f9a0c0f6bdb9a25662

Sharing

Copy URL Twitter E-mail

General

Target

3971501f60bf0550a5d732bd1778cab20caa97ffeb2f64f9a0c0f6bdb9a25662
Size

152KB
MD5

71df3adf0b30bc46a5c255f906cb77f0
SHA1

8ddeaad3e6c802e34cec66a4fd7b7523ffefa0f2
SHA256

3971501f60bf0550a5d732bd1778cab20caa97ffeb2f64f9a0c0f6bdb9a25662
SHA512

00e49c40d422b6c2ba6f7f7c6101e65e108e5d068748453f780569a257f8d0c9e63a4dd4f30ce6e1b0395d182da33d61c35065ae95c631ae7d04ff22b8495ffa
SSDEEP

3072:SeNMwwBOObqPBF76bbnH2tLVoov52b8IJmFKC:S4Mq9JFEbnH0Lv2j/

Score

N/A

Malware Config

Signatures

Files

3971501f60bf0550a5d732bd1778cab20caa97ffeb2f64f9a0c0f6bdb9a25662
.dll windows x86

57d9aebecf49a972498cc6b7d314b90c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
lstrlenA
CreateDirectoryA
GetTempPathA
GetPrivateProfileStructA
WritePrivateProfileSectionA
LoadResource
LockResource
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InitializeCriticalSectionAndSpinCount
GetCurrentThread
GetCurrentProcess
GetSystemDirectoryW
GetVolumePathNameW
GetVolumeInformationW
CreateMutexW
WaitForSingleObject
ReleaseMutex
GetDriveTypeW
InterlockedDecrement
InterlockedIncrement
FindResourceExW
GetStringTypeA
LCMapStringW
lstrcpyA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
HeapAlloc
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapFree
GetStringTypeW
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
GetVersion
RtlUnwind
LocalFree
LocalAlloc
FormatMessageA
FormatMessageW
OpenEventA
OpenSemaphoreA
OutputDebugStringA
GlobalUnlock
CopyFileA
SetVolumeLabelA
InterlockedExchange
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcmpW
GetExitCodeThread
GetVersionExW
GetPrivateProfileStringW
GlobalFree
SearchPathW
GetWindowsDirectoryW
CreateFileW
lstrcmpiW
CloseHandle
GlobalAlloc
lstrcpyW
CreateThread
Sleep
GetModuleHandleW
lstrcpynW
lstrlenW
LoadLibraryW
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
GetCommandLineA
LCMapStringA
VirtualProtect

user32

SetWindowLongW
GetParent
CheckDlgButton
IsDlgButtonChecked
DialogBoxParamW
LoadImageW
MapDialogRect
SetWindowPos
DestroyIcon
GetWindowRect
GetSystemMetrics
CreateDesktopA
FindWindowA
OemToCharA
CharToOemBuffA
IsCharLowerA
PostMessageW
SendMessageW
LoadStringW
MessageBoxW
RegisterWindowMessageA
ShowWindow
GetDlgItem
SetForegroundWindow
EndDialog
SetDlgItemTextW
wsprintfW
SetFocus
EnableWindow
SendDlgItemMessageW
WinHelpW
CharNextW
CharPrevW
GetDlgItemTextW
DialogBoxParamA

advapi32

GetNamedSecurityInfoW
GetAclInformation
GetAce
IsValidSid
GetLengthSid
CopySid
GetSecurityDescriptorOwner
LogonUserW
GetSecurityDescriptorLength
MakeSelfRelativeSD
ConvertSidToStringSidW
OpenThreadToken
OpenProcessToken
GetTokenInformation
SetSecurityDescriptorControl
AddAccessAllowedAceEx
SetNamedSecurityInfoW
RegSetValueW
GetSecurityDescriptorControl
EqualSid
GetSecurityDescriptorDacl
ConvertStringSidToSidW
BuildTrusteeWithSidW
GetEffectiveRightsFromAclW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegQueryValueExW
IsValidSecurityDescriptor
RegCloseKey
CloseServiceHandle
ChangeServiceConfigA
AbortSystemShutdownA
RegQueryValueExA
IsTextUnicode

gdi32

CreateFontIndirectW
CreateDCA
GetOutlineTextMetricsA
DeleteObject
GetObjectW

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57d9aebecf49a972498cc6b7d314b90c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 44KB - Virtual size: 78KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 44KB - Virtual size: 78KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB