2241ad60b98a042b0d735269d813541e6db0911d93e1d03402ff6cbc296a9c70_unpacked

Sharing

Copy URL Twitter E-mail

General

Target

2241ad60b98a042b0d735269d813541e6db0911d93e1d03402ff6cbc296a9c70_unpacked
Size

80KB
MD5

8bc7776c2b2f9c6b034e55e57c041d59
SHA1

01950a36a44b03a0ea836c7b499d5844e9170d7d
SHA256

1e40279b32b23893ab934e5cc51769609765033d8727846f6ce4185ab515a6db
SHA512

3f92bfd0855d5e72b96747b9bf93fe5f74dcfce4b0e347077b37628339d91cdc490a82e52284eda13534465398fab62d26c3df3e2bbc8f2197bcedf80b8df90c
SSDEEP

1536:Ueelzu0XyOoF/apCsXdFfuBmJ6f2pDEHM/9jF3fdF1:SlzuBEpCsXdFfuBQ6eie9Zvd

Score

N/A

Malware Config

Signatures

Files

2241ad60b98a042b0d735269d813541e6db0911d93e1d03402ff6cbc296a9c70_unpacked
.dll windows x86

8efba1de6ed85f7abafeb558a66959d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetTempPathW
CreateFileW
GetSystemDirectoryA
CreateDirectoryW
lstrcpyW
lstrcatW
GetSystemDirectoryW
GetTickCount
RegisterWaitForSingleObject
CreateProcessA
GetExitCodeProcess
UnregisterWait
PulseEvent
IsBadCodePtr
TlsFree
TlsAlloc
lstrcmpiA
LeaveCriticalSection
ResumeThread
GetModuleHandleA
WaitForMultipleObjects
lstrcpyA
GetCurrentProcessId
GetLastError
TerminateProcess
lstrlenA
InitializeCriticalSection
WinExec
DeleteFileW
GetWindowsDirectoryW
CopyFileW
GetWindowsDirectoryA
SetFilePointer
SuspendThread
GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetCurrentThread
GetModuleHandleExA
CloseHandle
OpenEventA
lstrcatA
CreateEventA
Sleep
ExitProcess
GetExitCodeThread
SetEvent
WaitForSingleObject
CreateFileA
DeleteFileA
GetCommandLineA
lstrcmpA
TlsGetValue
TlsSetValue
TerminateThread
GetCurrentThreadId
CreateThread
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
lstrlenW
MultiByteToWideChar
DeleteCriticalSection
SetErrorMode
GetCurrentProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetVolumeInformationA
GetSystemInfo
QueryPerformanceFrequency
GetVersionExA
GetTempPathA
SetLastError
GetFileSize
WriteFile
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateDirectoryA
FindFirstFileA
FindClose
HeapReAlloc
HeapAlloc
HeapFree
VirtualFree
GetProcessHeap
VirtualAlloc
Process32First
ReadProcessMemory
GetModuleFileNameW
VirtualProtectEx
Process32Next
lstrcmpiW
CreateToolhelp32Snapshot
WriteProcessMemory
CreateMutexA
ReleaseMutex
GetLocalTime
OpenProcess
VirtualFreeEx
VirtualAllocEx
GetThreadContext
CreateRemoteThread
GetFullPathNameA
GetLongPathNameA
SetUnhandledExceptionFilter
CreateFileMappingW
OpenFileMappingW
OpenFileMappingA
GetOverlappedResult
DeviceIoControl

user32

wsprintfW
wsprintfA
wvsprintfA

advapi32

GetSidSubAuthority
GetUserNameW
GetSidSubAuthorityCount
GetTokenInformation
RegSetValueExA
RegCreateKeyA
LookupPrivilegeValueA
ConvertStringSecurityDescriptorToSecurityDescriptorA
AdjustTokenPrivileges
CryptAcquireContextA
CryptImportKey
CryptCreateHash
CryptDestroyKey
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyW
RegCreateKeyExA
RegNotifyChangeKeyValue
RegCloseKey
RegEnumValueA
RegDeleteValueA
InitiateSystemShutdownExA
CryptVerifySignatureA
CryptDestroyHash
CryptHashData
OpenProcessToken

shell32

ShellExecuteA
SHGetFolderPathA

ole32

CoGetObject
CoCreateInstance
CoInitialize
IIDFromString

oleaut32

SysFreeString
SysAllocString

crypt32

CertEnumCertificatesInStore
PFXImportCertStore
CertCloseStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CertOpenStore

netapi32

NetApiBufferFree
NetWkstaGetInfo
NetUserGetInfo

shlwapi

StrToIntA
StrStrIA
StrChrA
StrCmpNA
PathFindFileNameW
PathRemoveFileSpecW
SHSetValueA
SHDeleteValueA
SHGetValueA
StrCmpNIA

iphlpapi

GetAdaptersInfo

msvcrt

_except_handler3

wininet

InternetOpenA
InternetWriteFile
HttpOpenRequestA
HttpEndRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetCloseHandle
HttpSendRequestExA
HttpQueryInfoA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetSetOptionA

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8efba1de6ed85f7abafeb558a66959d3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

crypt32

netapi32

shlwapi

iphlpapi

msvcrt

wininet

Sections

.text Size: 64KB - Virtual size: 63KB

bss Size: - Virtual size: 1KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 192B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 63KB

bss
Size: - Virtual size: 1KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 192B

.reloc
Size: 3KB - Virtual size: 2KB