0b7c7b555ebff0deec338001a5454bf1ab3c150962f107b52b6c92cdf9eac990

Sharing

Copy URL

Twitter E-mail

General

Target

0b7c7b555ebff0deec338001a5454bf1ab3c150962f107b52b6c92cdf9eac990
Size

284KB
MD5

561cb3ccb6be455d0a14c721e69d44b0
SHA1

2abeffb41f3e411cd7d3f7631b0634c62dfe7ef6
SHA256

0b7c7b555ebff0deec338001a5454bf1ab3c150962f107b52b6c92cdf9eac990
SHA512

57b485b3f9c9530c2a99948d351c5f61b35460564a786879189db1262522a9952ef3fdb61eccb0debcdbfb46712e79a0e98cb2186108cfe6822dabf7a28b1294
SSDEEP

6144:FlrizQLVdDs06+9ghQ2SMj8LrXl1z7hzZOvW:jiWV7TGSi8NZNzZOvW

Score

N/A

Malware Config

Signatures

Files

0b7c7b555ebff0deec338001a5454bf1ab3c150962f107b52b6c92cdf9eac990
.dll windows x86

5b206b394b7ca714cfc5abdb5a249da5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP

shell32

ShellExecuteA
ExtractIconExW
SHGetInstanceExplorer
ShellExecuteExA
SHInvokePrinterCommandA
SHGetFileInfoW
SHQueryRecycleBinW
SHGetPathFromIDListA
DragAcceptFiles
Shell_NotifyIconA
SHGetFileInfoA
ShellExecuteExW
FindExecutableW
SHGetSpecialFolderPathW
SHLoadInProc

user32

RegisterWindowMessageA
InflateRect
DdeEnableCallback
DlgDirListW
GetWindowRgn
OpenWindowStationW
PaintDesktop
EnumDesktopWindows
SendNotifyMessageA
DdeAbandonTransaction
DdeSetUserHandle
CreateIconIndirect
GetClipboardFormatNameW
CreateMDIWindowA
SendMessageTimeoutW
AppendMenuA
OpenDesktopW

oleaut32

VarDateFromCy
VarBstrFromCy
OleLoadPicturePath
LoadRegTypeLi
VarI2FromCy
VarCySu
VarBstrFromBool
BSTR_UserMarshal
VarCyInt
RegisterActiveObject
OleSavePictureFile
VarI2FromDisp
VarUI4FromI2
VarBstrFromI1
VarDateFromUI2
VarCyFromDate
SafeArraySetRecordInfo
VarI1FromUI2

rpcrt4

RpcCancelThread

gdi32

ResetDCA
DPtoLP
CreateDIBPatternBrushPt
CombineTransform
GdiSetBatchLimit
CreateDIBPatternBrush
SetMiterLimit
TextOutA
UnrealizeObject
GetBoundsRect
PtVisible
CopyMetaFileA
GetPixelFormat
GetGraphicsMode
AddFontResourceW

ole32

OleNoteObjectVisible
StgOpenAsyncDocfileOnIFillLockBytes
StgCreateStorageEx

wsock32

WSAAsyncSelect

msvcrt

_initterm
free
_adjust_fdiv
malloc

shlwapi

PathGetArgsW
StrIsIntlEqualW
PathFindOnPathW
PathMakeSystemFolderW
PathFileExistsW
StrCSpnIA
SHRegOpenUSKeyW
PathSetDlgItemPathA
PathIsUNCServerA
PathBuildRootA
PathCompactPathExW
PathIsDirectoryA
PathCompactPathW
SHRegOpenUSKeyA
SHQueryValueExW
PathCompactPathExA
StrTrimW
PathGetDriveNumberW
SHRegDeleteEmptyUSKeyW
SHGetValueA
StrCSpnIW
SHRegCreateUSKeyW
PathRemoveArgsA
PathIsSystemFolderW
PathIsUNCServerShareA
SHRegWriteUSValueW
PathIsSameRootW
PathRemoveBackslashW
SHRegSetUSValueW
StrDupA
PathSearchAndQualifyA
StrCmpW
PathAddExtensionA
StrFromTimeIntervalW
PathRemoveArgsW
SHQueryInfoKeyW
StrFormatByteSizeW
PathStripPathW
PathFindOnPathA
PathIsRelativeW
ChrCmpIA
PathCombineA
PathIsPrefixW
StrPBrkA
PathMakePrettyW
StrCatW
PathFindExtensionW
PathParseIconLocationA
SHEnumKeyExW
PathAppendA
PathSkipRootA
SHRegEnumUSValueA
PathUnquoteSpacesA
SHRegEnumUSKeyA
StrToIntA
PathIsContentTypeW
PathAddBackslashW
PathIsURLA
PathAppendW
PathRenameExtensionW
SHRegQueryUSValueW
StrTrimA
PathRelativePathToW
PathFindNextComponentA
PathRemoveFileSpecW
SHEnumValueA
StrToIntExA
SHQueryValueExA
PathIsUNCServerW
PathQuoteSpacesA
PathParseIconLocationW
SHRegCreateUSKeyA
StrSpnW
PathQuoteSpacesW
PathIsUNCA
PathAddBackslashA
SHDeleteKeyA
StrCmpIW
StrCSpnA
SHRegEnumUSKeyW
SHRegGetUSValueW
StrToIntW
PathRemoveBlanksW
StrCpyW
StrFormatByteSizeA
PathIsFileSpecA
PathSearchAndQualifyW
SHDeleteValueW
PathCommonPrefixW
SHCreateShellPalette
PathGetDriveNumberA
SHRegDeleteEmptyUSKeyA
PathStripPathA
ChrCmpIW
PathIsFileSpecW
SHRegCloseUSKey
PathMatchSpecA
PathRelativePathToA
SHDeleteValueA
PathFindNextComponentW
PathFindFileNameA
SHOpenRegStreamA
SHDeleteKeyW
PathIsRelativeA
PathFindFileNameW
SHRegDeleteUSValueA
PathCanonicalizeW
PathSkipRootW
SHRegSetUSValueA
StrPBrkW
PathCommonPrefixA
StrToIntExW
PathIsRootA
PathStripToRootA
PathStripToRootW
PathIsUNCW
SHRegGetBoolUSValueA
StrNCatA
PathGetArgsA
PathMakePrettyA
PathFileExistsA
PathMatchSpecW
StrSpnA
PathCombineW
SHRegQueryInfoUSKeyA
PathIsPrefixA
SHDeleteEmptyKeyA
SHRegGetUSValueA
PathFindExtensionA
PathCanonicalizeA
SHSetValueA
SHRegWriteUSValueA
SHEnumValueW
PathUnmakeSystemFolderA
PathCompactPathA
PathIsUNCServerShareW
SHRegQueryUSValueA
PathIsRootW

advapi32

GetKernelObjectSecurity

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b206b394b7ca714cfc5abdb5a249da5

Headers

File Characteristics

Imports

kernel32

shell32

user32

oleaut32

rpcrt4

gdi32

ole32

wsock32

msvcrt

shlwapi

advapi32

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 104KB - Virtual size: 100KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 32KB - Virtual size: 28KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 104KB - Virtual size: 100KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 32KB - Virtual size: 28KB