ef935c07e136a432f687c4f3d9c6ca7ea438acd929a053dba4f5bd69f9bb1e48

Sharing

Copy URL Twitter E-mail

General

Target

ef935c07e136a432f687c4f3d9c6ca7ea438acd929a053dba4f5bd69f9bb1e48
Size

132KB
MD5

0cec0854a2ade37461cd4e824a4bcd1f
SHA1

61d85df90f388d554828d1caace4298c961a388e
SHA256

ef935c07e136a432f687c4f3d9c6ca7ea438acd929a053dba4f5bd69f9bb1e48
SHA512

4155abd798879f56d8fa7494174a1599b930c37ff18395289d089186b687f24cd9f4e5cf8dc2827387035d5d15c551195da3329eda77a539d7b48b2d114a36f9
SSDEEP

3072:TdyfHowUjAcMxZH7Zf8aJOmZW6SyYQRKzMku+LhL+EK6exIK+vZHea791ye1j:I/xZH7Zf8a0KnS9Q0zHVLUjmKOB

Score

N/A

Malware Config

Signatures

Files

ef935c07e136a432f687c4f3d9c6ca7ea438acd929a053dba4f5bd69f9bb1e48
.dll windows x86

9e766b99ed9ddc045aa3518952b98c29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

CommandLineToArgvW
SheGetDirA
SHGetSpecialFolderLocation
SHFreeNameMappings
SHCreateProcessAsUserW
SHAppBarMessage
DragQueryPoint

msvcrt

fmod
fclose
exit
_unlink
_tempnam
_mbsicmp
_mbclen
free
_initterm
_fsopen
_fpreset
_exit
_except_handler3
_errno
_cexit
_amsg_exit
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__getmainargs
__CxxLongjmpUnwind
_XcptFilter
fwrite
memset
rand
rename
sprintf
srand
_ismbblead

user32

GetDlgItem
GetUpdateRect
MenuItemFromPoint
MessageBoxA
SendDlgItemMessageA
SendMessageA
EnableWindow
EndDialog

advapi32

FreeSid
InitializeSecurityDescriptor
GetTokenInformation
EqualSid
CreateProcessWithLogonW
AllocateAndInitializeSid
OpenProcessToken
OpenThreadToken
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegSetKeySecurity
RegSetValueExA
SetSecurityDescriptorDacl
IsTokenRestricted

kernel32

HeapAlloc
GetTickCount
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryA
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetModuleHandleA
HeapReAlloc
GetFileType
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCommConfig
FileTimeToSystemTime
ExitProcess
CreateThread
CreateMutexA
CloseHandle
InterlockedCompareExchange
InterlockedExchange
LocalAlloc
LocalFree
OpenThread
Process32First
QueryPerformanceCounter
ReadFile
RtlUnwind
SetUnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
GetLastError

Exports

Exports

AAuxDecode
CchFileTimeToDateTimeSz
CopyRegistry
CreateEnumFormatEtc
HrGetStreamPos
Restore2

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e766b99ed9ddc045aa3518952b98c29

Headers

DLL Characteristics

File Characteristics

Imports

shell32

msvcrt

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 73KB - Virtual size: 72KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 73KB - Virtual size: 72KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 3KB