9c4d36ea38efe1de851285eb33facddc6bec86a4a6a6a61c6dec2768bb82ab91

Sharing

Copy URL Twitter E-mail

General

Target

9c4d36ea38efe1de851285eb33facddc6bec86a4a6a6a61c6dec2768bb82ab91
Size

179KB
MD5

10e26f95763faca0168cf5a03a8e8ab0
SHA1

eb62dbc87a93c77e5690007d9916928bacef3c0b
SHA256

9c4d36ea38efe1de851285eb33facddc6bec86a4a6a6a61c6dec2768bb82ab91
SHA512

d27f54b7319daa65b6cb61fc0d7d20ad5ae7565b6bc24b8ad811dcaa4f5517c199c11204b4feff95046753368819b1c8527ee0ff06150201e1e54e0e18492e96
SSDEEP

3072:oDxCu/r6kpU0Q4Mu8NEuWJtuw2/GexvKgL8cdq2B9:pu/1pU0Z8MQw2vxzB9

Score

N/A

Malware Config

Signatures

Files

9c4d36ea38efe1de851285eb33facddc6bec86a4a6a6a61c6dec2768bb82ab91
.dll windows x86

3d1704a8c11f70d1aa3d00f63ce1e001

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
DisableThreadLibraryCalls
VirtualFree
GetShortPathNameA
GetModuleFileNameA
GetSystemDirectoryA
ReleaseSemaphore
GetVersion
WaitForSingleObject
CreateSemaphoreA
CloseHandle
UnmapViewOfFile
GlobalReAlloc
GlobalFree
MapViewOfFile
GlobalHandle
GlobalUnlock
OpenFileMappingA
lstrlenW
GetSystemWindowsDirectoryW
SetFilePointer
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetModuleFileNameW
FreeLibrary
MultiByteToWideChar
SizeofResource
IsBadReadPtr
WideCharToMultiByte
GetCommandLineA
RtlUnwind
GetLocaleInfoA
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
HeapSize
HeapAlloc
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
GetStdHandle
SetHandleCount
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetModuleHandleA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
OutputDebugStringA
HeapReAlloc
Sleep
QueryPerformanceCounter
UnhandledExceptionFilter
GetCurrentDirectoryW
GlobalLock
HeapFree
GetStartupInfoA
HeapCreate
WriteFile
IsBadWritePtr
IsBadCodePtr
LocalAlloc
LCMapStringW
GetStringTypeW
LocalLock
QueryPerformanceFrequency
FindResourceA
LoadResource
FreeResource
LocalHandle
LocalUnlock
LocalFree
CreateFileW
GetLogicalDrives
GetComputerNameW
GetProcessHeap
GetCurrentThread
LocalReAlloc
GetModuleHandleW
GetDriveTypeW

user32

DefWindowProcA
GetDesktopWindow
LoadBitmapA
SetDlgItemTextA
GetDC
ReleaseDC
CheckDlgButton
wsprintfA
IsDlgButtonChecked
GetWindowLongA
SetWindowLongA
wvsprintfA
LoadStringA
MoveWindow
InvalidateRect
GetWindowRect
IsRectEmpty
BeginPaint
CheckRadioButton
GetClientRect
OffsetRect
SetWindowPos
ShowWindow
WinHelpA
SetWindowTextA
LoadStringW
UnregisterClassA
GetFocus
GetDlgItem

advapi32

GetTokenInformation
OpenSCManagerW
LookupAccountNameW
EqualSid
OpenThreadToken
OpenProcessToken
OpenServiceW
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyA
RegOpenKeyA
RegQueryValueA
RegSetValueExA
RegOpenKeyExA
RegSetValueA
RegCreateKeyExA
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
CloseServiceHandle
QueryServiceStatus

ole32

CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoFreeUnusedLibraries
CoTaskMemFree
CoUninitialize

oleaut32

VarI1FromI4
VarI2FromI8

msvcrt

free
malloc
towupper
wcschr
wcsrchr

secur32

GetUserNameExW

shlwapi

UrlHashA

winmm

DefDriverProc
timeGetTime

rpcrt4

RpcBindingFree
RpcBindingFromStringBindingW
RpcStringFreeW
UuidFromStringW
UuidToStringW
UuidCompare

ws2_32

WSAAddressToStringW

Exports

Exports

NewerBeEndorsed
OfInformationTechnologiesTheIt
PlatformMechanismProcessVersionsEndorsed
PlatformWww
SMStandards
StandaloneMore
ThatPlatformIncluding
TheAreJava
UpdateAndOrClassesTo

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 12KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d1704a8c11f70d1aa3d00f63ce1e001

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

secur32

shlwapi

winmm

rpcrt4

ws2_32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.idata Size: 8KB - Virtual size: 6KB

.rdata Size: 28KB - Virtual size: 27KB

.xdata Size: 12KB - Virtual size: 278KB

.rsrc Size: 16KB - Virtual size: 13KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 36KB

.idata
Size: 8KB - Virtual size: 6KB

.rdata
Size: 28KB - Virtual size: 27KB

.xdata
Size: 12KB - Virtual size: 278KB

.rsrc
Size: 16KB - Virtual size: 13KB

.reloc
Size: 4KB - Virtual size: 1KB