aec8b7c6dcf131cf9f11e9babf346fac74e516d0b365533279d41d70b79868a5

Sharing

Copy URL Twitter E-mail

General

Target

aec8b7c6dcf131cf9f11e9babf346fac74e516d0b365533279d41d70b79868a5
Size

540KB
MD5

a1dfe50ebe1628d3231ef3d1e8beb580
SHA1

e871d8443de6643f6ef0a964c3cb35638b4afeb1
SHA256

aec8b7c6dcf131cf9f11e9babf346fac74e516d0b365533279d41d70b79868a5
SHA512

22aab5d717e90acac01214173be5d6bcf750e701aa5a477c1d4e66c6654ad9534022ac849c1f9a149d7686a1965a1d1dd1a5e9de628e545000277104c8c6615e
SSDEEP

12288:zY4ieDdBQkshCeeRdPMpuFxlCxPZk0iYFvIvBn:04ieDdKkshCeeRdPM0Fx8xPZk0fwZn

Score

N/A

Malware Config

Signatures

Files

aec8b7c6dcf131cf9f11e9babf346fac74e516d0b365533279d41d70b79868a5
.dll windows x86

0c0a63d2f4bba4c932dfd48803326be4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveFileSpecA

kernel32

GetVersionExA
GetPrivateProfileStringA
GetModuleFileNameA
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
CreateFileA
CreateFileW
WriteFile
ReadFile
GetLastError
SetFilePointer
GetWindowsDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
FindClose
FindFirstFileA
lstrcmpiA
lstrlenA
GetCurrentProcess
SystemTimeToFileTime
ReleaseMutex
LeaveCriticalSection
EnterCriticalSection
ResumeThread
SetThreadPriority
SuspendThread
InitializeCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
lstrlenW
CreateThread
DeviceIoControl
GetDriveTypeA
GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
SetStdHandle
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedExchange
GetEnvironmentStringsW
GetACP
WideCharToMultiByte
OutputDebugStringA
DeleteFileA
MulDiv
GetTickCount
Sleep
GetLocaleInfoW
GetFullPathNameA
IsBadCodePtr
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentDirectoryA
CreateMutexA
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
HeapReAlloc
DeleteFileW
ExitThread
GetCurrentThreadId
GetCommandLineA
GetCPInfo
RtlUnwind
RaiseException
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetOEMCP
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
TerminateProcess
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetTimeZoneInformation
FlushFileBuffers
VirtualProtect
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

DispatchMessageA
TranslateMessage
PeekMessageA
CharUpperBuffA
wsprintfA

advapi32

QueryServiceConfigA
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegDeleteValueA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c0a63d2f4bba4c932dfd48803326be4

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

Sections

.text Size: 336KB - Virtual size: 335KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 148KB - Virtual size: 232KB

.rsrc Size: 4KB - Virtual size: 928B

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 336KB - Virtual size: 335KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 148KB - Virtual size: 232KB

.rsrc
Size: 4KB - Virtual size: 928B

.reloc
Size: 12KB - Virtual size: 10KB