8c209a250d1c18dcd558cd5718c539b9ef88b5cd6c4ec83566c800d83377dd4f

Sharing

Copy URL Twitter E-mail

General

Target

8c209a250d1c18dcd558cd5718c539b9ef88b5cd6c4ec83566c800d83377dd4f
Size

80KB
MD5

0abde1fada366a0e9083646b19515081
SHA1

fba4b34a0e155fe918365546920c3efaadba9b7a
SHA256

8c209a250d1c18dcd558cd5718c539b9ef88b5cd6c4ec83566c800d83377dd4f
SHA512

2475fde169a57c91a64c39bd97311255713c6d3e885661de83625dc0d7eb70b8d5b96c40ccf9f0ea14221ba44d6b683c786897451ad35025e997b5729cb43c98
SSDEEP

1536:CDpwNiotKBJaE1evWWbtZUMO264V4EhpUSjf1ggpE:xQAxv1tZY26a4KpUCE

Score

N/A

Malware Config

Signatures

Files

8c209a250d1c18dcd558cd5718c539b9ef88b5cd6c4ec83566c800d83377dd4f
.dll windows x86

c789d9fc4949cfd6a02c2312b1827225

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
CreateFileA
InterlockedDecrement
GetLastError
GetSystemDirectoryA
InterlockedCompareExchange
VirtualProtect
OpenEventA
InitializeCriticalSectionAndSpinCount
UnmapViewOfFile
InterlockedExchange
SetLastError
WriteFile
InterlockedIncrement
GetProcAddress
CreateProcessA
EnterCriticalSection
LoadLibraryA
CreateFileMappingA
HeapFree
LocalFree
MapViewOfFile
CloseHandle
GetModuleFileNameA
LeaveCriticalSection
ExitProcess
VirtualQuery
CreateDirectoryA
HeapAlloc
CreateEventA
GetVolumeInformationA
lstrlenA
GetModuleHandleA
CopyFileA
SetEvent
SetCurrentDirectoryA
GetWindowsDirectoryA
UnlockFile
GetUserDefaultLangID
GetStringTypeW
GetSystemDefaultLangID
GlobalFindAtomW
CreateMailslotW
FormatMessageW
AllocConsole
CreateRemoteThread
QueueUserWorkItem
FillConsoleOutputCharacterW
GetLogicalDriveStringsA
GlobalFindAtomA
WaitForMultipleObjects
GlobalMemoryStatusEx
lstrcatA
SetEnvironmentVariableW
GetSystemWindowsDirectoryA
CreateFileMappingW
IsWow64Process
TerminateProcess
GetLogicalDriveStringsW
MoveFileExW
FindNextVolumeW
CreateThread
ReplaceFileW
FlushViewOfFile
TransmitCommChar
SetWaitableTimer
UnregisterWaitEx
GetFileAttributesExW
ReadConsoleInputA
WaitNamedPipeW
ReadProcessMemory
OpenFileMappingA
WriteConsoleInputA
ExpandEnvironmentStringsA
GetCommModemStatus
RtlMoveMemory
RegisterWaitForSingleObjectEx
CompareFileTime
CreateHardLinkW
WaitForSingleObjectEx
LocalFlags
UpdateResourceA
HeapReAlloc
IsValidLanguageGroup
SetLocalTime
CreateDirectoryW
GetVolumeInformationW
OpenFileMappingW
VirtualUnlock
SetConsoleCtrlHandler
GetConsoleScreenBufferInfo
GetFileType
SetCommMask
GetThreadPriority
DosDateTimeToFileTime
SearchPathA
GetHandleInformation

ole32

CoInitialize
CoTaskMemFree
CLSIDFromString
CoGetMarshalSizeMax
CoGetClassObject
OleDuplicateData
BindMoniker
CoRegisterMessageFilter
OleCreateLinkToFile
OleQueryCreateFromData
OleCreateFromFile
OleCreateStaticFromData
PropVariantCopy
OleCreateLink
OleLockRunning

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c789d9fc4949cfd6a02c2312b1827225

Headers

File Characteristics

Imports

kernel32

ole32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 1KB