d0f8a27c02b8dba5295a7c2454090ad83b1caa56453d25af5e6353ef4da581ff

Sharing

Copy URL Twitter E-mail

General

Target

d0f8a27c02b8dba5295a7c2454090ad83b1caa56453d25af5e6353ef4da581ff
Size

289KB
MD5

9128e188de75ec2dd9261f815438c41b
SHA1

4b8ce39b34534d75dbc0630a8bf732e7536fde51
SHA256

d0f8a27c02b8dba5295a7c2454090ad83b1caa56453d25af5e6353ef4da581ff
SHA512

7339c8cd65f83d6631b828ed378071f36086f7286c9edb43c4a878ac9b86dcf1d82a5af1d8bcac41462be573ea85e326959f249cd4e4b866e5087d7bc74c506e
SSDEEP

6144:YM+2TsiKodkR+4O8dRY1+1W6KRoK1bTqv0WtIPEiLT/a8w//+FC:t+2TfOA4O8ddA6S1b6EHPa/YC

Score

N/A

Malware Config

Signatures

Files

d0f8a27c02b8dba5295a7c2454090ad83b1caa56453d25af5e6353ef4da581ff
.dll windows x86

15b16d149116ec8b25ed939530583537

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
_wcsicmp
??2@YAPAXI@Z
wcslen
wcsncmp
??3@YAXPAX@Z

kernel32

GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetVersionExW
GetProcAddress
Sleep
SetUnhandledExceptionFilter
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
GetLastError
UnhandledExceptionFilter
ExpandEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
GetFileAttributesW
LoadLibraryW
FreeLibrary
SetFileAttributesW
DeleteFileW
GetModuleFileNameW
CreateEventW
CloseHandle
GetVersionExA

user32

SendMessageW
FindWindowW
LoadStringW
SetForegroundWindow

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VARIANT_UserFree
VARIANT_UserUnmarshal
VARIANT_UserMarshal
VARIANT_UserSize
BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
BSTR_UserSize
LoadRegTypeLi
VariantClear
VariantInit
VariantCopy
SysFreeString
SysAllocString
CreateStdDispatch

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrClientCall2
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Invoke
UuidFromStringW

shlwapi

PathFindExtensionW
StrCatBuffW
wnsprintfW
PathFindFileNameW
SHGetValueW
StrStrIW

ntdll

memset

advapi32

RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegFlushKey

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
HideIcons
Reinstall
ShowIcons

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 207KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

15b16d149116ec8b25ed939530583537

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

oleaut32

rpcrt4

shlwapi

ntdll

advapi32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 72KB

.orpc Size: 512B - Virtual size: 289B

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.text Size: 207KB - Virtual size: 208KB

.text
Size: 72KB - Virtual size: 72KB

.orpc
Size: 512B - Virtual size: 289B

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 207KB - Virtual size: 208KB