889b17141f38374092a3c3ebc1aad4bea4677ea07e404ace5ce9faa64cf8a0b9

General

Target

889b17141f38374092a3c3ebc1aad4bea4677ea07e404ace5ce9faa64cf8a0b9
Size

181KB
MD5

445ae4e49b517ea1b354f72d5982ce18
SHA1

2a49678430022671a1a652be5d56a1851986bd2e
SHA256

889b17141f38374092a3c3ebc1aad4bea4677ea07e404ace5ce9faa64cf8a0b9
SHA512

8a25980f07ff43ab876bd102d897dd7669519f5e777915ab30037ebc7dbf13f42630d33b5c7309f97505fac70d0829e60fdcd07c4efdb167a9fc414f08f5582b
SSDEEP

3072:xN1U5P5vO/am1Dj8/X1jY16RnUk1CnQqo2ip6SjCt+N9uMCn/ukL9tZH2r8qc7in:xN1UB5vLmR8fdYIRnt4QXFfCEN9uMOxj

Score

N/A

Malware Config

Signatures

Files

889b17141f38374092a3c3ebc1aad4bea4677ea07e404ace5ce9faa64cf8a0b9
.dll windows x86

72dc4e3007475a4bda7e17c6bf74996e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
DeleteCriticalSection
DeleteFileA
ExitProcess
ExitThread
FileTimeToSystemTime
FindClose
GetACP
GetCommandLineA
GetCurrentProcess
GetDriveTypeA
GetModuleHandleA
GetOEMCP
GetProcessAffinityMask
GetStartupInfoA
GetSystemDirectoryA
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapReAlloc
IsValidLocale
LeaveCriticalSection
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsFree
UnhandledExceptionFilter
WaitForMultipleObjects
WaitForSingleObject
lstrcpynA

user32

GetWindowThreadProcessId
SendMessageA
SetWindowLongA
GetMenuCheckMarkDimensions

winmm

joySetThreshold
timeEndPeriod
joyGetThreshold
joyGetPos

ole32

CoCreateInstance
CLSIDFromString

advapi32

SetNamedSecurityInfoExW
OpenEventLogA
ObjectOpenAuditAlarmW
LsaGetQuotasForAccount
LsaClose
LsaClearAuditLog
LookupPrivilegeDisplayNameW
GetNamedSecurityInfoExA

shlwapi

StrStrIA
StrStrA
PathStripPathA

Exports

Exports

GetErrorLog

Sections

.text
Size: 116KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72dc4e3007475a4bda7e17c6bf74996e

Headers

File Characteristics

Imports

kernel32

user32

winmm

ole32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 216KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 116KB - Virtual size: 216KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB