dc0476bf1381f668daf4d9e13ec10839b6f652cd609935608de30e83b5cc784c

Sharing

Copy URL

Twitter E-mail

General

Target

dc0476bf1381f668daf4d9e13ec10839b6f652cd609935608de30e83b5cc784c
Size

58KB
MD5

0b186f04537d0da71a9970a6465470ca
SHA1

60d4ec0cfd86f90b5f84c0214c110cb92b536c46
SHA256

dc0476bf1381f668daf4d9e13ec10839b6f652cd609935608de30e83b5cc784c
SHA512

b00eb8944e765b06881e770c364a9c2fde8bb3ced9e3d5ed20025be7c93e63c22d8796375202632733a55944fe90ac1fea6df9b0f876df459ee27eacc501ffdc
SSDEEP

1536:k9Q+oPLx+eDVTcxB15W8r9/aKj5bfhVky3V:k9Q+SkeBcZ5W8rA0Vky3V

Score

N/A

Malware Config

Signatures

Files

dc0476bf1381f668daf4d9e13ec10839b6f652cd609935608de30e83b5cc784c
.dll windows x86

e23164df05cc26cbd5c480d2afc6880b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
HeapAlloc
GetProcessHeap
DeleteFileW
GetCPInfoExA
LocalFree
GetCurrentProcess
LocalReAlloc
GetLocaleInfoW
LocalAlloc
GetUserDefaultLCID
GetTickCount
AreFileApisANSI
lstrcpynA
ExpandEnvironmentStringsW
Beep
Sleep
GetLastError
LeaveCriticalSection
SystemTimeToFileTime
EnterCriticalSection
CloseHandle
CompareFileTime
ReleaseMutex
IsBadReadPtr
WaitForSingleObject
lstrlenA
LoadResource
WideCharToMultiByte
MultiByteToWideChar
GetTimeFormatA
GetDateFormatW
FindResourceW
FindResourceA
SetFileAttributesW
SetFileAttributesA
SearchPathA
SearchPathW
CreateMutexW
CreateMutexA
CreateProcessW
CreateProcessA
LoadLibraryW
LoadLibraryA
DeleteFileA
GetSystemTime
ExpandEnvironmentStringsA
GetCurrentThreadId
LockResource
SetLastError
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
GetVersionExA
GetSystemDefaultLangID
GetTimeFormatW
lstrcmpA
GetProcAddress
GetModuleFileNameA
FreeLibrary
HeapFree

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateGuid
CoTaskMemFree
CoCreateInstance
CLSIDFromString
StringFromGUID2

user32

MessageBeep
GetParent
IsWindowEnabled
GetDlgItemInt
SetForegroundWindow
CheckDlgButton
PostMessageA
SetFocus
IsDlgButtonChecked
GetFocus
EndDialog
CheckRadioButton
FindWindowA
SetWindowLongA
SetWindowTextW
WinHelpW
GetSysColor
DestroyIcon
InvalidateRect
BeginPaint
EndPaint
GetWindowLongA
SendMessageW
MessageBoxW
MessageBoxA
FindWindowW
SetWindowTextA
GetWindowTextW
WinHelpA
LoadImageW
MapWindowPoints
OffsetRect
GetClientRect
MoveWindow
InflateRect
SetRect
GetDC
ReleaseDC
LoadStringA
CharPrevA
SendMessageA
GetDlgItem
GetSystemMetrics
ShowWindow
UpdateWindow
SystemParametersInfoA
LoadStringW
DialogBoxParamA
DialogBoxParamW
DefWindowProcA
DefWindowProcW
LoadIconA
GetWindowTextA
LoadImageA
EnableWindow

advapi32

RegSetValueExW
RegSetKeySecurity
QueryServiceStatus
StartServiceW
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegQueryValueExA
AddAccessAllowedAce
GetLengthSid
OpenSCManagerW
InitializeAcl
RegCloseKey
FreeSid
RegOpenKeyExA
CloseServiceHandle
GetSidSubAuthority
GetSidSubAuthorityCount
LookupAccountSidW
IsValidSid
GetTokenInformation
GetSidIdentifierAuthority
RegSetValueExA
SetSecurityDescriptorDacl
RegEnumKeyA
RegEnumKeyW
RegDeleteKeyW
RegEnumKeyExW
RegEnumKeyExA
RegOpenKeyExW
RegDeleteKeyA
RegQueryValueExW
RegCreateKeyExW
GetUserNameW
GetUserNameA
RegDeleteValueA
RegCreateKeyExA
RegDeleteValueW
OpenProcessToken
OpenServiceW

msvcrt

wcscat
wcslen
wcscmp
_itow
wcsncmp
wcscpy
_ltow

comctl32

PropertySheetW
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
CreatePropertySheetPageW

gdi32

UpdateColors
RealizePalette
SetDIBitsToDevice
DeleteObject
GetDeviceCaps
CreatePalette
SelectPalette

rpcrt4

NdrOleFree
RpcStringFreeW
RpcBindingFree
RpcBindingSetAuthInfoExW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
NdrClientCall2
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_QueryInterface
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
NdrOleAllocate
CStdStubBuffer_CountRefs

Exports

Exports

fcidtfu

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e23164df05cc26cbd5c480d2afc6880b

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

msvcrt

comctl32

gdi32

rpcrt4

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 24KB - Virtual size: 23KB

.data1 Size: 512B - Virtual size: 1B

.data2 Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 1024B - Virtual size: 816B

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 24KB - Virtual size: 23KB

.data1
Size: 512B - Virtual size: 1B

.data2
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 1024B - Virtual size: 816B