a8db4e8e1cfe53858c7d3a418a528705b5cf1967d9573e9e09b634fc5539b992

Sharing

Copy URL

Twitter E-mail

General

Target

a8db4e8e1cfe53858c7d3a418a528705b5cf1967d9573e9e09b634fc5539b992
Size

272KB
MD5

6481ffaea7055a7608381b024e9200bf
SHA1

0ef66367cabeb77e928864f73f1ce4976338c5d8
SHA256

a8db4e8e1cfe53858c7d3a418a528705b5cf1967d9573e9e09b634fc5539b992
SHA512

746632bddc4eb5188ff5b8a3e5f6ec2ef69d060f3f893b964e1c2742fce61295284e599821843c757c61b5513ab8c1cf3b0ea76a40ef11e526795ba334be6d6b
SSDEEP

6144:OcmjUEAL3UL74XPzfSkvfv4IdmLeMmXJDXhq/626jcXDQ:OcepAL97zvX45qMeDXhq/SQXD

Score

N/A

Malware Config

Signatures

Files

a8db4e8e1cfe53858c7d3a418a528705b5cf1967d9573e9e09b634fc5539b992
.dll windows x86

06e38e8c8ae3da4f72e69874a538fb46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
LocalFree
lstrlenA
WaitForSingleObject
CloseHandle
RaiseException
GetTickCount
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
VirtualAlloc
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
SetUnhandledExceptionFilter
GetCommandLineW
ExpandEnvironmentStringsW
SystemTimeToTzSpecificLocalTime
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameW
GetThreadLocale
CreateFileW
GetFileSize
ReadFile
GetFileType
WriteFile
FileTimeToSystemTime
HeapSetInformation
GetLastError
GetStdHandle
lstrcmpiW
GetProcessHeap
HeapFree
Sleep

user32

OpenIcon
IsIconic

advapi32

GetAce
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyW
RegQueryInfoKeyW
RegEnumKeyExW
GetSecurityDescriptorLength
GetSecurityDescriptorControl
IsValidSecurityDescriptor
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
AddAce
MapGenericMask
InitializeAcl
GetAclInformation
GetSecurityDescriptorDacl
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
LookupAccountSidW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree

msvcrt

wprintf
fflush
exit
setlocale
towupper
wcscoll
swscanf
wcsrchr
wcsstr
wcsspn
wcscspn
memset
malloc
free
wcschr

shlwapi

PathFindExtensionA

rpcrt4

UuidCreate
RpcStringFreeW

Exports

Exports

AWhitespaceStringsIn
AndAreTheWhich
FormatWithStarts
SectionForLineButLines
ThatCompressedOfSectionAre
TheTheValueLinesSpace

Sections

.text
Size: 240KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06e38e8c8ae3da4f72e69874a538fb46

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

shlwapi

rpcrt4

Exports

Exports

Sections

.text Size: 240KB - Virtual size: 238KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 154KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 240KB - Virtual size: 238KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 154KB

.reloc
Size: 4KB - Virtual size: 1KB