31b837297532bbfb7dc5a3f7788c55321db925d24fcc492bffe4243ad88fb655

Sharing

Copy URL Twitter E-mail

General

Target

31b837297532bbfb7dc5a3f7788c55321db925d24fcc492bffe4243ad88fb655
Size

565KB
MD5

e840e5863d0af35cdecf5a51ca53016e
SHA1

67cde6b894363c43f3250a6abbb67d3254d24071
SHA256

31b837297532bbfb7dc5a3f7788c55321db925d24fcc492bffe4243ad88fb655
SHA512

ace2b24529718194859b03fb971f3d5df09d3a47acd2d5d10d399fb3a5b6199be86496814256a5d2d718f481cc0ea604ef5ee67cc31e7d27653ca083750b5eef
SSDEEP

12288:KCL7ckUPpVpiH064inSy9BbXf9bl71g0jH:tLgkUPpV4H0XUSOBrVxP

Score

N/A

Malware Config

Signatures

Files

31b837297532bbfb7dc5a3f7788c55321db925d24fcc492bffe4243ad88fb655
.dll windows x86

076a0a58cf838420582ac547721ca3c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextW

oleaut32

UnRegisterTypeLi
SysStringLen
LoadTypeLi
RegisterTypeLi
SysAllocString
VarUI4FromStr
SysFreeString

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

ole32

CoTaskMemAlloc
CoTaskMemFree
PropVariantClear
CoCreateInstance

kernel32

VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrcmpiW
lstrlenW
GetModuleFileNameA
TerminateProcess
Sleep
SizeofResource
SetThreadLocale
SetStdHandle
CloseHandle
CreateFileA
EnterCriticalSection
ExitProcess
FindResourceW
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadResource
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
RtlUnwind
SetEvent
SetFilePointer
SetHandleCount
SetLastError

Exports

Exports

AsFile
GetBuffer
UnicodeEncodeError
vGetTokenW

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

076a0a58cf838420582ac547721ca3c7

Headers

File Characteristics

Imports

user32

oleaut32

advapi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 203KB - Virtual size: 203KB

.data Size: 209KB - Virtual size: 209KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 203KB - Virtual size: 203KB

.data
Size: 209KB - Virtual size: 209KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 7KB - Virtual size: 7KB