1342419fb0a8dc6e2f349bccc5c224011e86084975d3dddd70f534bc6e53baf9

Sharing

Copy URL Twitter E-mail

General

Target

1342419fb0a8dc6e2f349bccc5c224011e86084975d3dddd70f534bc6e53baf9
Size

80KB
MD5

86d3bfa4abf6cd1cdbb8b91ac2df7db9
SHA1

acec9f3853aecc68b00b4038be3e2855963645fe
SHA256

1342419fb0a8dc6e2f349bccc5c224011e86084975d3dddd70f534bc6e53baf9
SHA512

158f4314b3fd9eb4798f4776f3a4b923ee17ebd0641900223766712abf9f33a2bd0b1970788ee82580d4e9f928dc71fe2b66be9d28f2cccd98483222d7d081d0
SSDEEP

1536:lcCu94ysnl0L4JBcYBXrYjV7ZCfZw4mRT/1cLsTWCHas/W:CL4ygOLkmgXrgZCfIRT/1cgTW+lu

Score

N/A

Malware Config

Signatures

Files

1342419fb0a8dc6e2f349bccc5c224011e86084975d3dddd70f534bc6e53baf9
.dll windows x86

1917df523af4f8e9f7b4ad4646286396

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
GetCurrentProcessId
InterlockedDecrement
GetModuleHandleA
GetCommandLineA
LoadLibraryA
CreateFileMappingA
VirtualProtect
GetProcAddress
HeapFree
GetLastError
EnterCriticalSection
GetModuleFileNameA
ReleaseMutex
CopyFileA
LeaveCriticalSection
DisconnectNamedPipe
GetFileType
RegisterWaitForSingleObject
GetTempPathA
GetEnvironmentVariableW
GetProfileSectionA
LocalFileTimeToFileTime
FindFirstVolumeW
CreateSemaphoreA
DosDateTimeToFileTime
RemoveDirectoryA
PeekConsoleInputA
CreateMailslotW
SetProcessShutdownParameters
VerSetConditionMask
FindFirstFileA
ConvertDefaultLocale
GetCurrentActCtx
GetCurrentProcess
GetTempPathW
GetFileAttributesExW
GetVersion
CreateNamedPipeA
SetEvent
LCMapStringW
ResumeThread
lstrcmpA
SetEnvironmentVariableA
VirtualUnlock
GetNumberOfConsoleInputEvents
GetLocaleInfoA
WriteConsoleInputA
SetErrorMode
CreateMailslotA
ReadDirectoryChangesW
GetDiskFreeSpaceExW
FillConsoleOutputCharacterW
AreFileApisANSI
GetVersionExW
FormatMessageA
UnlockFileEx
GetTimeFormatW
UnregisterWaitEx
GetCommModemStatus
ClearCommError
CreateNamedPipeW
HeapLock
VerifyVersionInfoA

ole32

CreateGenericComposite
CreateILockBytesOnHGlobal
StringFromGUID2
CoWaitForMultipleHandles
OleCreateMenuDescriptor
MkParseDisplayName
CoImpersonateClient
OleCreateFromData
PropVariantClear
OleLoad
CoInitialize
OleRegEnumVerbs

user32

GetDlgItemTextW
CharLowerBuffA
BroadcastSystemMessageW
UnhookWinEvent
DispatchMessageA
TranslateMessage
GetWindowThreadProcessId
GetParent
SetTimer
AllowSetForegroundWindow
ShowWindowAsync
CharToOemA
SetRect
CheckDlgButton
WaitMessage
ReuseDDElParam
RemovePropW
SetMenuDefaultItem
WindowFromDC
GetMessageExtraInfo
CharUpperBuffA
CreateDialogParamW
ExitWindowsEx
GetDCEx
IsIconic
SetScrollInfo
ReleaseDC
SetWindowTextW
ToAsciiEx
GetMenuItemInfoW
ChangeDisplaySettingsExW
GetSysColor
GetNextDlgTabItem
InSendMessage
ScrollDC
MapVirtualKeyW
GetMessageW
LoadAcceleratorsW
wsprintfA
SetWindowLongW
SetActiveWindow
GetWindowInfo
DefFrameProcW

oleaut32

SysFreeString
SysReAllocString
SysStringLen

shell32

ShellExecuteExA
SHGetSettings
DragQueryFileW
DragQueryFileA
CommandLineToArgvW

Exports

Exports

i18UserSupport

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1917df523af4f8e9f7b4ad4646286396

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shell32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB