e63c611a1c79c2b252ffa7849750260af1dd38f8763a59f82eb22df9caf7dc69

Sharing

Copy URL

Twitter E-mail

General

Target

e63c611a1c79c2b252ffa7849750260af1dd38f8763a59f82eb22df9caf7dc69
Size

168KB
MD5

92fd535a0c1a117bb1bba7cd539e4d16
SHA1

585227d7bc76f98d59f17d0a89d82a2d5996d9ca
SHA256

e63c611a1c79c2b252ffa7849750260af1dd38f8763a59f82eb22df9caf7dc69
SHA512

30147faaf42ca3a9de77fddf68a6a0fe6a51171cfe5f296bec16aef3787f002553acb9c7e9cf6c75fa2b8fdc3b3ac8a9264cbdc1febc85f9bed0629edc9dce99
SSDEEP

3072:NYzQ8epHeeLaZQp+DZm4s1TDwGRQ8xOwBMqqDLy/1KFt97yutX:NdlwwwGq88wKqqDLu1KFXb

Score

N/A

Malware Config

Signatures

Files

e63c611a1c79c2b252ffa7849750260af1dd38f8763a59f82eb22df9caf7dc69
.dll windows x86

22340cebd6fd6fe666e2ab58ff915504

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpW
InterlockedExchange
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LoadLibraryExA
GetOverlappedResult
SetFilePointer
CreateFileW
LoadLibraryW
GetDiskFreeSpaceW
GetFullPathNameW
DeleteFileW
CreateEventW
GetPrivateProfileStringW
GetACP
GetProcessHeap
LocalHandle
MultiByteToWideChar
LocalLock
GlobalFree
GlobalLock
GlobalAlloc
MulDiv
VirtualAlloc
VirtualFree
GlobalHandle
FreeLibrary
GlobalReAlloc
SetThreadPriority
GetThreadPriority
GetLocalTime
ResumeThread
CreateThread
GlobalUnlock
OutputDebugStringW
DebugBreak
lstrlenA
InterlockedCompareExchange
SetEvent
FormatMessageW
InterlockedDecrement
InterlockedIncrement
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
CreateFileA
LocalAlloc
GetCurrentThread
GetVersionExA
LocalReAlloc
GetVersionExW
lstrlenW
lstrcpyW
lstrcatW
CreateFileMappingW
MapViewOfFile
ReleaseMutex
CreateMutexW
WaitForSingleObject
LocalFree
GetModuleHandleW
CloseHandle
WinExec
VirtualProtect
WriteFile
GetCommandLineA

user32

CreateWindowExW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
InvalidateRect
ReleaseDC
MessageBoxW
UpdateWindow
SetRect
GetDC
SetCursor
RegisterClassW
GetClipboardData
DefWindowProcW
LoadStringA
UnhookWindowsHookEx
CloseDesktop
GetUserObjectInformationW
OpenDesktopW
OpenInputDesktop
SetWindowsHookExW
GetAsyncKeyState
CallNextHookEx
PostMessageW
IsWindow
LoadCursorW
GetClassInfoW
MessageBeep
KillTimer
ReleaseCapture
LoadStringW
SendMessageW
GetDlgItem
DestroyWindow
CharNextW
IsDlgButtonChecked
SetTimer
SetCapture
SetFocus
ClientToScreen
GetClientRect
DispatchMessageW
EnableWindow
CheckDlgButton
PeekMessageW
TranslateMessage
MsgWaitForMultipleObjects
SetWindowTextW
CharLowerW
wsprintfA
GetParent

advapi32

RegSetValueExA
SetThreadToken
AllocateAndInitializeSid
FreeSid
OpenThreadToken
CryptSignHashA
CryptHashData
CryptExportKey
CryptReleaseContext
CryptSetProvParam
RegCreateKeyW
RegQueryValueExA
RegOpenKeyA
RegQueryValueExW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
CheckTokenMembership
RegDeleteValueW
RegEnumValueW
RegCloseKey
CryptDestroyHash
CryptCreateHash
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
RegOpenKeyExA

gdi32

CreatePalette
GetStockObject
GetObjectW
GetClipBox
SelectPalette
RealizePalette
SetWindowOrgEx
DeleteObject
GetPaletteEntries

ole32

CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoUninitialize
CoInitialize
CoGetObject
StringFromIID
ReleaseStgMedium
CoTaskMemAlloc

rpcrt4

NdrCStdStubBuffer2_Release
NdrDllUnregisterProxy
NdrDllGetClassObject

msvcrt

__CxxFrameHandler
malloc
free
_mbschr
strchr
fread
fputs
_adjust_fdiv
_memicmp
fgetc
_itoa
fopen
fwrite
fclose
memmove
qsort
_CxxThrowException
memset
memcpy
iswdigit
_wtoi
realloc
_initterm
iswspace
_amsg_exit
_XcptFilter
_vsnprintf
atoi
_vsnwprintf
_except_handler3

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22340cebd6fd6fe666e2ab58ff915504

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 48KB - Virtual size: 89KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 48KB - Virtual size: 89KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB