7202756b45c674d55d70fe689c359a252e141d42b8f3c85e1dd5197338541ef0

Sharing

Copy URL

Twitter E-mail

General

Target

7202756b45c674d55d70fe689c359a252e141d42b8f3c85e1dd5197338541ef0
Size

100KB
MD5

6c8c882fbfc8e33d7a03735113d941a4
SHA1

0451ea9c2cd0bb9bfe121cd957479f3a6f21e3ed
SHA256

7202756b45c674d55d70fe689c359a252e141d42b8f3c85e1dd5197338541ef0
SHA512

41a94ab8add7ccdf36bddedf111f1f7ed14fcb0a854d6fab6e50ad421b9fc3e85bd496bda00e4162cdd46da3976ea73019c1fff3c6d549af648c25cd521acebc
SSDEEP

3072:wOhuX/4v4R1K25ifqm+8EFoT8nmfEl5P6VdSg9:wa4RE25fDobjTSC

Score

N/A

Malware Config

Signatures

Files

7202756b45c674d55d70fe689c359a252e141d42b8f3c85e1dd5197338541ef0
.dll windows x86

92b233d3c375cb279329891f0f9e9581

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
GetAccessPermissionsForObjectW
GetSecurityDescriptorDacl
GetSecurityDescriptorOwner
GetServiceDisplayNameA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
SetNamedSecurityInfoA
SetNamedSecurityInfoW
SystemFunction017

gdi32

GetCharWidthW
AbortPath

kernel32

VirtualAlloc
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessW
FormatMessageA
FreeLibrary
GetCommMask
GetCurrentDirectoryA
GetCurrentProcess
GetLastError
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetSystemInfo
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
HeapAlloc
HeapFree
LoadLibraryA
LoadLibraryExA
LocalFree
MoveFileA
MultiByteToWideChar
SetCurrentDirectoryA
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
LoadResource
FindResourceA
CompareStringW
CompareStringA
GetLocaleInfoW
SetEnvironmentVariableA
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCommandLineA
ExitProcess
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

ole32

EnableHookObject
STGMEDIUM_UserMarshal

user32

wsprintfA
MessageBoxExA
LoadStringA
ExcludeUpdateRgn
CharPrevA
CharNextA

Exports

Exports

FPPNXNOPGZ

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92b233d3c375cb279329891f0f9e9581

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

user32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 28KB - Virtual size: 27KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 28KB - Virtual size: 27KB

.reloc
Size: 4KB - Virtual size: 3KB