ed78a3006281aa03b57c72baf76b32fe37a2038e5993d42221ec1ff4d3acf442

Sharing

Copy URL

Twitter E-mail

General

Target

ed78a3006281aa03b57c72baf76b32fe37a2038e5993d42221ec1ff4d3acf442
Size

395KB
MD5

7c87f462348731706f4d7f283f996620
SHA1

c13fda3d65318b669c1e6eab738df1d61ec84517
SHA256

ed78a3006281aa03b57c72baf76b32fe37a2038e5993d42221ec1ff4d3acf442
SHA512

68cb341510bd3590b88af02ce107f4650812ed5fd6215279edb2a6e10373af02015d10d3899beb2b9908354f528bb03e49566c8e8e04261c4a0ce6a11f78ee83
SSDEEP

6144:GjCNcMDIoSyTG1LzSTFI1ub50l2GWXID0caDUa2BfFdLhxiYu68uq+XW9lODn:L0L4G5zWmAGYW3fF1ziYu2q+GXm

Score

N/A

Malware Config

Signatures

Files

ed78a3006281aa03b57c72baf76b32fe37a2038e5993d42221ec1ff4d3acf442
.dll windows x86

94fc3a5d101571837cab2e3fda67efd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetVersionExW
HeapAlloc
HeapFree
InterlockedCompareExchange
InterlockedExchange
LoadLibraryA
QueryPerformanceCounter
ResumeThread
GetProcessHeap
RtlUnwind
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
WriteProcessMemory
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
SetLastError
GetProcessPriorityBoost
FreeConsole
ExitProcess
CreateProcessW
CloseHandle

ntdll

NtQuerySystemInformation
NtSetSystemInformation
RtlInitUnicodeString
RtlNtStatusToDosError
RtlUnicodeStringToInteger
NtQueryInformationProcess

comctl32

PropertySheetW

advapi32

RegCreateKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

user32

GetDlgItem
ShowWindow
SetWindowLongW
SendMessageW
SendDlgItemMessageW
MsgWaitForMultipleObjects
MessageBoxW
CheckDlgButton
EnableWindow
GetAncestor
GetFocus
GetParent
GetSystemMetrics

Exports

Exports

CreateFontW
DeleteSources
LoadSurfaceFromFileInMemory
OpenDevice
mpegSplitInitTS

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94fc3a5d101571837cab2e3fda67efd4

Headers

File Characteristics

Imports

kernel32

ntdll

comctl32

advapi32

user32

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 76KB

.rdata Size: 180KB - Virtual size: 179KB

.data Size: 68KB - Virtual size: 69KB

.rsrc Size: 63KB - Virtual size: 63KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 77KB - Virtual size: 76KB

.rdata
Size: 180KB - Virtual size: 179KB

.data
Size: 68KB - Virtual size: 69KB

.rsrc
Size: 63KB - Virtual size: 63KB

.reloc
Size: 5KB - Virtual size: 4KB