447caf95552a0d183c7e8ee59d65cd147d34b68851cfca48e49363c2f4ddd334

Sharing

Copy URL Twitter E-mail

General

Target

447caf95552a0d183c7e8ee59d65cd147d34b68851cfca48e49363c2f4ddd334
Size

172KB
MD5

1303b85e24f9bde32c6d3ed35883c7e0
SHA1

3227f7d69b58e05a892b7b10085fb137008c9067
SHA256

447caf95552a0d183c7e8ee59d65cd147d34b68851cfca48e49363c2f4ddd334
SHA512

a0912d429bdb523e31271541433c85f2bf82401be2c34bdd6c3de0a18ed834fa93d3059ea58867a261b5ce04932db23c2a3fa0606abbca42c946f460bacfed0f
SSDEEP

3072:czMvROcoxoC18D4uLXMT+xSGbBTKpeLl8hO2q:jZC18cuYT+xhVWQ

Score

N/A

Malware Config

Signatures

Files

447caf95552a0d183c7e8ee59d65cd147d34b68851cfca48e49363c2f4ddd334
.dll windows x86

e2eddf3881e8d2df6db5c7831b8deebd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegQueryValueW
RegSetValueW

kernel32

DisableThreadLibraryCalls
WideCharToMultiByte
lstrlenW
VirtualAlloc
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcAddress
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
IsBadWritePtr
ExitProcess
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
VirtualProtect
GetSystemInfo
MultiByteToWideChar
SetFilePointer
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
ReadFile
SetStdHandle
HeapSize
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetTimeZoneInformation
CloseHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

ole32

CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

user32

wsprintfW
UnregisterClassW

Exports

Exports

VYPYVRFEIR

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2eddf3881e8d2df6db5c7831b8deebd

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 8KB - Virtual size: 16KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 8KB - Virtual size: 16KB

.reloc
Size: 8KB - Virtual size: 5KB