f19e296a9ea4f4d69a67e7d851d9fc10de9bee232ea23bbbd3862a9436094de2

Sharing

Copy URL

Twitter E-mail

General

Target

f19e296a9ea4f4d69a67e7d851d9fc10de9bee232ea23bbbd3862a9436094de2
Size

195KB
MD5

0e648490c903d23a7ba5bdaf9980a117
SHA1

b476cfae92d9b4bd36cabee4f377eb10d2a86eee
SHA256

f19e296a9ea4f4d69a67e7d851d9fc10de9bee232ea23bbbd3862a9436094de2
SHA512

67067c7137ebedf489dc93a5ec2091be82d90121176c84fb1a2c1a15edabdcd2b8ff609af82236245a076c2eb9e9a8310d5c86b624c60899f22861a24e287dc0
SSDEEP

3072:Bk3vXYXDr9wDUfoTnwwiJuLq4hZOqoLs28IJvJLizJlj+AtIDvthBW:BPXDr9IUfwBe4hVS4IZi+DT

Score

N/A

Malware Config

Signatures

Files

f19e296a9ea4f4d69a67e7d851d9fc10de9bee232ea23bbbd3862a9436094de2
.dll windows x86

2ee1a1e869d2cc464adeeddf3b623d83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
GetUserNameW
CloseEncryptedFileRaw
CryptDestroyHash
GetEventLogInformation
GetMultipleTrusteeA
ReadEventLogA
RegSetValueA
SetTraceCallback
ElfDeregisterEventSource
GetSecurityDescriptorGroup
InstallApplication
RegOpenKeyExW
RegQueryValueExW

gdi32

GetObjectA
GetRegionData
GetPaletteEntries
TranslateCharsetInfo
GetMetaRgn
DeleteObject

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleA
HeapDestroy
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
MultiByteToWideChar
Process32First
ReadConsoleOutputCharacterW
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
lstrlenW
CancelIo
CloseHandle
FreeLibrary
GetCurrentThreadId
GetLastError
GetOverlappedResult
GetProcAddress
GetTickCount
GetVersionExW
GlobalAlloc
GlobalFree
ReleaseMutex
ResetEvent
SetEndOfFile
SetEvent
SetLastError
Sleep
WaitForSingleObject
lstrcatW
lstrcmpW
lstrcpynA
lstrcpynW
VirtualAlloc
CompareStringW
CopyFileA
DebugBreak
EnumResourceTypesA
FormatMessageW
FreeEnvironmentStringsA
GetAtomNameA
GetSystemDirectoryW
GlobalReAlloc
InterlockedCompareExchange
LoadLibraryW
LocalAlloc
LocalFree
RaiseException
WriteConsoleOutputCharacterW
LoadResource
FindResourceA
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
InterlockedExchange
OutputDebugStringA
QueryPerformanceCounter
UnlockFile
CompareStringA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetLocaleInfoW
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
SetConsoleCtrlHandler
IsDebuggerPresent
FatalAppExitA
WriteFile
VirtualFree
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentStrings
SetEnvironmentVariableA

ole32

CreateObjrefMoniker
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
OleBuildVersion

oleaut32

VariantClear
VariantTimeToDosDateTime
VarI1FromDisp

rpcrt4

RpcBindingVectorFree
I_UuidCreate
NdrMesSimpleTypeEncode
RpcEpRegisterNoReplaceA
RpcObjectSetInqFn

user32

CreateDialogParamA
DeregisterShellHookWindow
LoadStringA
RegisterClipboardFormatA
SetRect
CharLowerBuffW
CharToOemBuffW
CharUpperBuffA
IsIconic
LoadStringW
EnumThreadWindows

Exports

Exports

VBZJU

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ee1a1e869d2cc464adeeddf3b623d83

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

rpcrt4

user32

Exports

Exports

Sections

.text Size: 146KB - Virtual size: 145KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 28KB - Virtual size: 31KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 146KB - Virtual size: 145KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 28KB - Virtual size: 31KB

.reloc
Size: 6KB - Virtual size: 6KB