7108f8ef6e3479ee5b0aa707dcd41370b6ffc8106961a77e8596f1ead4bb6e0c

Sharing

Copy URL

Twitter E-mail

General

Target

7108f8ef6e3479ee5b0aa707dcd41370b6ffc8106961a77e8596f1ead4bb6e0c
Size

162KB
MD5

82c6e821dd32add22577ca67c914c425
SHA1

d1ac7ae22b6bc0b2acd78bf66bc58d4112c0a856
SHA256

7108f8ef6e3479ee5b0aa707dcd41370b6ffc8106961a77e8596f1ead4bb6e0c
SHA512

78276930c13a4670b2b40994ae3e7d80ec77caa603bab1ff186993310f6a95a26b38b8555c98cf1aa91d8c369f6c15c4188d6b19efeebe180f9b08081d8b3ebd
SSDEEP

3072:FOXGmysBSo0GnyHn+4CB+jCBpRf84oAAZnhyZEDBTsAAusgyOAMFDz0XIO:g/ysBAdKBrBpRE1A05BQDunvhFP4

Score

N/A

Malware Config

Signatures

Files

7108f8ef6e3479ee5b0aa707dcd41370b6ffc8106961a77e8596f1ead4bb6e0c
.dll windows x86

579d08cc5bbeec293749e7aa5196ec94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
LsaQuerySecret

kernel32

CreateDirectoryA
ExitProcess
FindClose
FindFirstFileA
FreeLibrary
GetCurrentDirectoryA
GetCurrentProcess
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetVersionExA
LoadLibraryA
LocalAlloc
LocalFree
SetCurrentDirectoryA
VirtualAlloc
VirtualFree
VirtualProtect
lstrcpyA
lstrlenA

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW
ReadPrinter

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList

shell32

SHGetFolderPathA

msvcrt

__set_app_type
_adjust_fdiv
_except_handler3
_initterm
_itoa
_mbscmp
_onexit
__p__commode
exit
free
labs
malloc
sprintf
strrchr
strtok
__getmainargs
__dllonexit
__CxxFrameHandler
atoi

user32

SetLayeredWindowAttributes
SetTimer
wsprintfA

Exports

Exports

AAuxDecode
ARawDecodeGetData
AReleaseDevice
AddState
ComputeStats
DBUtilities
DeleteTable
EndExternalBackup
EndSession
FIsEmptyA
IsPlatformWinNT
Restore2
RetrieveQoSql

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

579d08cc5bbeec293749e7aa5196ec94

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

winspool.drv

setupapi

shell32

msvcrt

user32

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 84KB - Virtual size: 84KB

.data Size: 17KB - Virtual size: 18KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 84KB - Virtual size: 84KB

.data
Size: 17KB - Virtual size: 18KB

.rsrc
Size: 5KB - Virtual size: 5KB