557c5a6313a25e489185f9de62427ab1a7c2c3d0385a64657ea89dd55fa9db9f

Sharing

Copy URL

Twitter E-mail

General

Target

557c5a6313a25e489185f9de62427ab1a7c2c3d0385a64657ea89dd55fa9db9f
Size

112KB
MD5

848e4899ffc37f1faf691a52af98d440
SHA1

4e541805e448c7be75103ebbf353c0dde447b23b
SHA256

557c5a6313a25e489185f9de62427ab1a7c2c3d0385a64657ea89dd55fa9db9f
SHA512

26d21ecf204fc792b363dc4766a2df2adfe213f5eb24a5bd3833c7c1df7ea0351c4610dfce5d2a6c51087e4ae04e349e450449333d6a6f0fe5873b816d4370bf
SSDEEP

3072:8xTbFFxNV0aHi/8Q7ZDut+0Z7L9Qgdk8lH:8NV0aC/1ZDut+OL9

Score

N/A

Malware Config

Signatures

Files

557c5a6313a25e489185f9de62427ab1a7c2c3d0385a64657ea89dd55fa9db9f
.dll windows x86

59ee1716ef6aa0b608e1ab20d86f0055

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileExA
GetCommConfig
GetVolumePathNameW
SetFileAttributesW
GetConsoleAliasA
GetCurrentProcess
GetLocalTime
GetPrivateProfileSectionNamesA
GetFileSizeEx
GlobalDeleteAtom
DefineDosDeviceW
GetCurrentDirectoryA
SetLocaleInfoW
GetEnvironmentStringsW
CreateFileW
GetLongPathNameA
GetUserDefaultLangID
SetCalendarInfoA
GetProcessShutdownParameters
GetDiskFreeSpaceExA
RegisterWowExec
WriteProfileStringA
LockFile
FreeLibrary
InitializeCriticalSection
ExpandEnvironmentStringsW
lstrcatA
GetConsoleScreenBufferInfo
GetSystemTime
VirtualProtect
SetupComm
ReadConsoleOutputAttribute
SetInformationJobObject
lstrcmpiW
CreateJobObjectA
IsValidLocale
WritePrivateProfileStringA
GetConsoleCommandHistoryW
OpenEventW
CreateMailslotA
CreatePipe
GetProcessHeap
ConsoleMenuControl
CreateEventA
GetConsoleHardwareState
GetCurrentProcessId
GetThreadPriority
SetConsoleScreenBufferSize
PrepareTape
GetLogicalDrives
WriteConsoleInputVDMA
GetVolumeNameForVolumeMountPointA
GetStartupInfoW
UnlockFile
LoadLibraryW
FindNextVolumeA
FindResourceA
GetLocaleInfoW
GetCommandLineW
FileTimeToSystemTime
GetStringTypeExA
GetHandleInformation
GetModuleHandleA
ReplaceFile
CreateFileA
GetTickCount
SetVolumeMountPointA
QueryInformationJobObject
GetModuleFileNameW
LockResource
FormatMessageA
GetConsoleAliasExesLengthA
EnumDateFormatsW
BuildCommDCBAndTimeoutsW
WritePrivateProfileStringW
FindFirstVolumeA
GetVersion
WriteProfileSectionW
SetConsoleCP
FindNextVolumeMountPointW
TlsSetValue
Heap32Next
LoadLibraryA
VirtualAlloc
GetProcAddress
SetPriorityClass

gdi32

GetObjectA
GetStockObject
DeleteDC
CreateCompatibleDC
ResetDCW
SetPixelFormat
CreateCompatibleBitmap
GetTextFaceA
FillRgn
CombineRgn
InvertRgn
UnrealizeObject
CreateFontIndirectA
GdiPlayPrivatePageEMF
SetDIBColorTable
GdiArtificialDecrementDriver
SelectObject
CreateEllipticRgn
LineTo
PolyBezier

advapi32

OpenServiceW
SetEntriesInAccessListA
LsaOpenAccount
ElfOpenEventLogW
LsaRetrievePrivateData
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegOpenKeyExW
InitializeAcl
FileEncryptionStatusA
AccessCheck
RegOpenKeyExA
SystemFunction009
GetSecurityDescriptorOwner
CryptSetProviderExW
CryptSignHashA
LsaRemoveAccountRights
GetCurrentHwProfileW
ClearEventLogW
RegisterEventSourceW
SystemFunction002
QueryUsersOnEncryptedFile
QueryServiceObjectSecurity
GetAce
LsaCreateTrustedDomain

winmm

waveInGetDevCapsW
PlaySoundA
waveOutUnprepareHeader
mciGetDeviceIDA
DefDriverProc
mmioAdvance
auxGetNumDevs
waveOutMessage
mmTaskSignal
waveInGetPosition
timeBeginPeriod
mmioRead
mmioRenameW
waveOutBreakLoop
timeSetEvent
OpenDriver
mmioClose
waveOutSetPlaybackRate
midiOutUnprepareHeader
mmioRenameA
timeGetTime
waveOutGetPosition
mmioSendMessage
waveOutGetErrorTextW
waveOutClose
WOW32DriverCallback

msvcrt

_adj_fptan
_mbsnset
_mbsnicmp
_mbsrchr
_mbsnbcpy
_wexecvp
_wgetdcwd
time
_wunlink
__unDNameEx
feof
memset
printf
_ismbcl0
fwprintf
_get_sbh_threshold
_chsize
ftell
_ismbcspace
_adj_fpatan
_unlink
_wcreat
cos
_getdrive
fread
_wfindnexti64
_fpreset
_ismbbkana
fputs
__p___winitenv
fclose
_CItan
_sys_nerr
fseek
_creat
_wfreopen
fputc
_strcmpi
fsetpos
_mbsinc
strncpy
sprintf
floor
fopen
_cprintf
_mbschr
_setsystime
_wspawnve
ferror
_copysign
_fstat
fprintf
fwrite
_mbccpy
_fputwchar

Exports

Exports

Nikmp
Ujrob

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59ee1716ef6aa0b608e1ab20d86f0055

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

winmm

msvcrt

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 52KB - Virtual size: 48KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 52KB - Virtual size: 48KB

.reloc
Size: 8KB - Virtual size: 4KB