89e1e7c746048c9f28c200e3fe19e5223a61e89a9c09c160e30707bf101dd0c0

Sharing

Copy URL Twitter E-mail

General

Target

89e1e7c746048c9f28c200e3fe19e5223a61e89a9c09c160e30707bf101dd0c0
Size

118KB
MD5

0f5e247c9f1af19a8db79c8a27df183b
SHA1

316156da31a6c7ef2b5ca38e622e9252d032af0a
SHA256

89e1e7c746048c9f28c200e3fe19e5223a61e89a9c09c160e30707bf101dd0c0
SHA512

0296e967efd3eab702224a87efef9ecb66f7f4e3c1e694477bb25297af38d815513be55a3694f765b76d36855915fe35f4be55822f21caf9d481ee6b11f70b8c
SSDEEP

3072:Yxoo0lfW6bf1rQSMZuLVp/zsbg9+6eCMKMMiU1m9:nWKNVLHYfCMKNP

Score

N/A

Malware Config

Signatures

Files

89e1e7c746048c9f28c200e3fe19e5223a61e89a9c09c160e30707bf101dd0c0
.dll windows x86

b45daf0e1d8559e8377f25f5f851c22a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

ControlService
CreateServiceA
InitializeSecurityDescriptor
OpenProcessToken
QueryServiceStatus
SetSecurityDescriptorDacl
StartServiceA
CloseServiceHandle
AdjustTokenPrivileges

ole32

ProgIDFromCLSID
OleSaveToStream
OleInitialize
OleFlushClipboard
GetConvertStg
CreateFileMoniker
CoUninitialize
CoTaskMemRealloc
OleSetClipboard
CoResumeClassObjects
CoLockObjectExternal
CoGetMalloc

user32

ToAscii
MessageBoxA
IsCharUpperA
GetMessageA
GetMenu
GetFocus
DestroyMenu
DestroyCursor
CreateIconFromResource
CreateAcceleratorTableA
CopyRect
ChangeMenuA

shell32

SHGetMalloc
SHFileOperationA
SHBindToParent

shlwapi

PathQuoteSpacesA
PathUnquoteSpacesA
SHAutoComplete
StrStrIA
PathFindFileNameA
PathFindExtensionA
PathFileExistsA
PathCompactPathExA
PathCanonicalizeA
PathAppendA
PathMatchSpecA
PathIsRootA
PathIsRelativeA
PathIsDirectoryA

msvcrt

sscanf
strcmp
strlen
strstr
vsprintf
memcpy
sprintf
__set_app_type
getenv
free
fflush
_except_handler3
_errno
malloc

kernel32

Sleep
VirtualAlloc
lstrcmpiA
ReadFile
InterlockedIncrement
EnumResourceTypesA
RtlUnwind

Exports

Exports

Ahy
Fgw
Poh
Rlt
Xjl
Ybs
Yed

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b45daf0e1d8559e8377f25f5f851c22a

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 28KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 31KB - Virtual size: 32KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 27KB - Virtual size: 28KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 31KB - Virtual size: 32KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB