d89d0f8a078ff03c910b7c07ba625206a3b7225ae4e0e3bd865bfbba17adf596

Sharing

Copy URL Twitter E-mail

General

Target

d89d0f8a078ff03c910b7c07ba625206a3b7225ae4e0e3bd865bfbba17adf596
Size

80KB
MD5

0db98a11049497af566e62f08be2170d
SHA1

2626891ca0dd494190e6b99497b44519d2d43f56
SHA256

d89d0f8a078ff03c910b7c07ba625206a3b7225ae4e0e3bd865bfbba17adf596
SHA512

c3e90e391f81666602c658af1525406c81692e587f5c34e9cee421d991edc364724325d03efbff32d0512cbedc2fc7585c11ad6ccc5e10a53e12a8b106fddd9d
SSDEEP

1536:4DGLwjAKQ8uTvjdT9MdOVDHs+NfIqq7d82wEAEYqZz6YxtxYqaZ:SXje8uT7dTa0DFNfIbv5YqZz6YxTRY

Score

N/A

Malware Config

Signatures

Files

d89d0f8a078ff03c910b7c07ba625206a3b7225ae4e0e3bd865bfbba17adf596
.dll windows x86

7ec8b6471ba7a80be5c91a14ba3d6b31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommBreak
CreateWaitableTimerA
ReadFileEx
GetTempFileNameW
GetTapeParameters
CreateIoCompletionPort
SetConsoleWindowInfo
VirtualAllocEx
EnumSystemLocalesA
GetDiskFreeSpaceW
MoveFileW
GetCurrentDirectoryA
FormatMessageW
ExitProcess
GetDateFormatA
InterlockedDecrement
CreateEventW
WriteProfileStringA
GetStartupInfoW
ReadDirectoryChangesW
SetNamedPipeHandleState
DeleteFileA
SetConsoleTextAttribute
GetOverlappedResult
GetFileTime
GetAtomNameW
PeekConsoleInputW
SetVolumeLabelW
DeleteTimerQueueTimer
SetCommState
HeapUnlock
SetDefaultCommConfigW
CompareFileTime
FlushFileBuffers
GetWindowsDirectoryW
CopyFileW
GetShortPathNameW
PeekConsoleInputA
GetModuleFileNameW
CreateRemoteThread
ReplaceFileW
VirtualUnlock
GetTimeZoneInformation
PurgeComm
GlobalAddAtomA
GetThreadTimes
EndUpdateResourceA
lstrcmpA
WriteFile
UnmapViewOfFile
InterlockedIncrement
VirtualProtect
CreateFileA
SetLastError
CreateMutexA
GetCommandLineA
InitializeCriticalSectionAndSpinCount
CreateProcessA
GetSystemTimeAsFileTime
GetModuleHandleA
GetProcAddress
LoadLibraryA
HeapAlloc
VerifyVersionInfoW

shlwapi

PathAppendA
UrlCreateFromPathW
StrDupW
StrChrIW
StrStrIA
PathCanonicalizeW
StrCatW
SHRegGetValueW
PathRemoveArgsW
SHGetValueW
SHStrDupW
PathIsUNCServerShareW
StrDupA
PathIsPrefixW
StrStrIW

advapi32

RegSaveKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExA
GetSecurityDescriptorSacl
RegSaveKeyA
QueryServiceConfig2W
CredGetSessionTypes
OpenThreadToken
RegQueryValueExW
OpenServiceA
EnumServicesStatusA
MakeAbsoluteSD
GetUserNameW
ChangeServiceConfigA
ImpersonateNamedPipeClient
RegDeleteValueA
DeregisterEventSource
IsTextUnicode
OpenEventLogA
ImpersonateAnonymousToken

gdi32

SetLayout
GetCharABCWidthsW
SetArcDirection
StrokeAndFillPath
GetWinMetaFileBits
CreateFontA
ExtTextOutA
SetTextJustification
CreatePen
PlayEnhMetaFileRecord
PlayMetaFile
SetGraphicsMode
GetGlyphOutlineW
GetPolyFillMode
GetBitmapDimensionEx
EnumFontFamiliesW
GetTextFaceA
GetGlyphOutlineA
FlattenPath
CreateFontIndirectW
GetRgnBox
PtVisible
OffsetWindowOrgEx
SetBkMode
SetTextAlign
AddFontResourceA
CreateCompatibleBitmap

Exports

Exports

confNetClock

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ec8b6471ba7a80be5c91a14ba3d6b31

Headers

File Characteristics

Imports

kernel32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB