764b4ebe6811a6cb9131a995ab774dd057de5ec735c9b5d504b960e16cd95bba

Sharing

Copy URL Twitter E-mail

General

Target

764b4ebe6811a6cb9131a995ab774dd057de5ec735c9b5d504b960e16cd95bba
Size

324KB
MD5

0ff3acc94c0945e01bc3639a5c096bd0
SHA1

264e082aef9214a405dbd23335407dfd502d298a
SHA256

764b4ebe6811a6cb9131a995ab774dd057de5ec735c9b5d504b960e16cd95bba
SHA512

a256d0c4d129dff72ad1f77ac7f359de19a96e09d21a8d054376022fe759c3b7c98a414bba501d175b2ad4b556738ca0c7d60a676263f829abfe434e16cb61a0
SSDEEP

6144:I1asu9hEZCi3R60OpuFJ/uQWve0JO7iimoYxuPgGfSc2HBPJa:PsuOBieJ/mve087iimoYxPAFYQ

Score

N/A

Malware Config

Signatures

Files

764b4ebe6811a6cb9131a995ab774dd057de5ec735c9b5d504b960e16cd95bba
.dll windows x86

b45e7072b04599734a15c25a4e19ce17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
Sleep
CopyFileA
MoveFileA
SetFileAttributesA
GetFileAttributesA
lstrcmpA
IsBadWritePtr
EnterCriticalSection
LeaveCriticalSection
CreateMutexA
GetTickCount
GetVersion
UnmapViewOfFile
InterlockedIncrement
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
SetEndOfFile
SetConsoleCtrlHandler
lstrlenW
LocalFree
DeleteFileA
lstrlenA
InterlockedDecrement
CreateFileA
CloseHandle
MultiByteToWideChar
WaitForSingleObject
ReleaseMutex
LoadLibraryA
FreeLibrary
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapAlloc
GetLastError
GetModuleHandleA
GetProcAddress
HeapFree
lstrcpyA
SetEnvironmentVariableA
CompareStringW
GetTimeZoneInformation
CompareStringA
GetCurrentProcessId
QueryPerformanceCounter
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
WriteFile
FlushFileBuffers
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetOEMCP
GetCPInfo
LCMapStringA
WideCharToMultiByte
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetStringTypeA
GetLocaleInfoW

user32

MessageBoxA
wsprintfA
UnregisterClassA

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegCloseKey
GetFileSecurityA
SetFileSecurityA
RegOpenKeyA
AllocateAndInitializeSid
RegQueryInfoKeyA
RegGetKeySecurity
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
AddAce
GetAce
EqualSid
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
RegSetKeySecurity
FreeSid

ole32

OleRun
CoCreateInstance
CoInitialize

oleaut32

VariantClear
VariantChangeType
VariantCopy
VariantInit
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
CreateErrorInfo
GetErrorInfo
SetErrorInfo

Exports

Exports

NewConfigObject
ReleaseConfigObject

Sections

.text
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b45e7072b04599734a15c25a4e19ce17

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 208KB - Virtual size: 205KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 10KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 208KB - Virtual size: 205KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 10KB

.rmnet
Size: 60KB - Virtual size: 60KB