393779b3bdbc21fabdac4ba79844e9a1a6637354c3b262a69fb23df19f418b56

Sharing

Copy URL Twitter E-mail

General

Target

393779b3bdbc21fabdac4ba79844e9a1a6637354c3b262a69fb23df19f418b56
Size

153KB
MD5

07bbb385755c27d369576813d60560d0
SHA1

3d4446c89debae7e3f8809935ebad7ed2a32517b
SHA256

393779b3bdbc21fabdac4ba79844e9a1a6637354c3b262a69fb23df19f418b56
SHA512

acbb2ef1646b371b08854bda8861c7a001b1c2cefb1a3b06425e8f6e4f1bd88eff24091f0d5aedadd1ad94a92e3a096d40c7bbad141d178b0ca5c9aa08cb7244
SSDEEP

3072:+4aDxxONzL4Jrn52DectoqF1ZxGCN9VZpdhaHlcuswZe:+1SBLi52DjFFDE8dQFc7

Score

N/A

Malware Config

Signatures

Files

393779b3bdbc21fabdac4ba79844e9a1a6637354c3b262a69fb23df19f418b56
.dll windows x86

f7a5b5162c702fbd0094f7b7c2953d16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpWriteDump

kernel32

GetCurrentThreadId
MultiByteToWideChar
GetModuleFileNameA
GetLastError
WideCharToMultiByte
lstrlenW
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
LoadLibraryA
lstrcpyA
FindClose
FindFirstFileA
DebugBreak
OutputDebugStringA
CloseHandle
ReadFile
CreateFileA
GetModuleHandleA
SetUnhandledExceptionFilter
DeleteFileA
GetLocalTime
GetProcAddress
FileTimeToLocalFileTime
GetTempFileNameA
GetTempPathA
GetSystemInfo
GetCurrentProcessId
FileTimeToSystemTime
FileTimeToDosDateTime
IsBadCodePtr
IsBadReadPtr
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetTickCount
CopyFileA
lstrlenA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
TerminateProcess
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
SetLastError
TlsFree
GetCPInfo
GetOEMCP
ExitProcess
GetCommandLineA
TlsSetValue
HeapReAlloc
RtlUnwind
RaiseException
VirtualProtect
VirtualQuery
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
InterlockedIncrement
QueryPerformanceCounter
InterlockedDecrement
FlushFileBuffers
SetStdHandle
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
WriteFile

user32

SetWindowTextA
LoadIconA
GetWindow
GetWindowRect
SystemParametersInfoA
MapWindowPoints
wvsprintfA
GetSysColorBrush
GetActiveWindow
GetDlgItem
MessageBoxA
ReleaseDC
GetDC
OffsetRect
SetWindowPos
CreateWindowExA
GetClassNameA
CreateCursor
GetWindowTextLengthA
GetWindowTextA
EndPaint
DrawTextA
GetFocus
DrawFocusRect
BeginPaint
GetClientRect
FillRect
IsWindow
InvalidateRect
PtInRect
SetCursor
SetFocus
SetCapture
GetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
GetDlgCtrlID
GetParent
SendMessageA
CharNextA
CallWindowProcA
GetWindowLongA
DialogBoxParamA
DestroyCursor
SetRectEmpty
DestroyWindow
DefWindowProcA
LoadStringA
SetWindowLongA
EndDialog
UnregisterClassA

gdi32

GetObjectA
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
DeleteObject
DeleteDC

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

shell32

ShellExecuteA
SHGetFileInfoA

ole32

CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr
SysFreeString
SysAllocString
SysAllocStringLen

zlib

ord84
ord83
ord82
ord81
ord80

Exports

Exports

AddFile
GenerateErrorReport
Install
Uninstall

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f7a5b5162c702fbd0094f7b7c2953d16

Headers

File Characteristics

Imports

dbghelp

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

zlib

Exports

Exports

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 6KB - Virtual size: 6KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 6KB - Virtual size: 6KB

.rmnet
Size: 56KB - Virtual size: 60KB