438ccf64f303e37dbfcfebcfb535f7e7625faafda5066ff69fee118a9e8adf83

Sharing

Copy URL Twitter E-mail

General

Target

438ccf64f303e37dbfcfebcfb535f7e7625faafda5066ff69fee118a9e8adf83
Size

80KB
MD5

a8585810c74e798067de001acbf9a388
SHA1

59afd92b0269a6b98b3ce6701f9345908f6cf239
SHA256

438ccf64f303e37dbfcfebcfb535f7e7625faafda5066ff69fee118a9e8adf83
SHA512

b8807588b8c6b1377fca4f3f22524bb8894ca4a651c741ce5d28e33bdfe9ae4b3a06c69d55e2666c27decf96a5662b8a3b9cde0db3d1d1a870a85ad316126448
SSDEEP

768:KBuMULQyP6ASqKWX2d79h2UTUVstJa6LCslh/OtGlt2QebYnD0Bsf7iNx5xm/QcP:ggQ4U5X86hDjOs9fnpDiNUMXAdb1

Score

N/A

Malware Config

Signatures

Files

438ccf64f303e37dbfcfebcfb535f7e7625faafda5066ff69fee118a9e8adf83
.dll windows x86

a8269b609eca36accc4cc4da8401cbc2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommMask
GetNumberFormatW
SetEndOfFile
HeapWalk
HeapDestroy
FindNextVolumeW
GetCurrentDirectoryA
GetLogicalDriveStringsA
FindAtomW
GetFullPathNameW
GetUserDefaultLCID
FillConsoleOutputCharacterW
SetLocalTime
lstrcmpiW
ExpandEnvironmentStringsW
RemoveDirectoryW
RtlMoveMemory
FindNextFileW
GlobalFindAtomA
GetCurrentProcess
AddRefActCtx
WaitForSingleObjectEx
OpenEventA
GetEnvironmentVariableA
QueueUserAPC
InterlockedExchangeAdd
ReadConsoleW
GetWindowsDirectoryW
SetProcessWorkingSetSize
IsBadReadPtr
EnumUILanguagesW
WriteConsoleInputA
SetTimeZoneInformation
WaitNamedPipeA
RegisterWaitForSingleObjectEx
CreateToolhelp32Snapshot
ExitProcess
GetStringTypeExW
ExpandEnvironmentStringsA
MapViewOfFileEx
ReadFileEx
ConnectNamedPipe
GetSystemPowerStatus
CreateMailslotA
GetExitCodeProcess
AreFileApisANSI
GetProcessAffinityMask
VirtualQueryEx
TerminateProcess
FindResourceW
GlobalFree
GetProcessHeap
GetCurrentProcessId
GetModuleHandleA
GetProcAddress
VirtualQuery
GetVolumeInformationA
GetLastError
InitializeCriticalSectionAndSpinCount
LocalFree
GetSystemDirectoryA
GetCommandLineA
GetSystemTimeAsFileTime
SetLastError
CloseHandle
LeaveCriticalSection
LoadLibraryA
GetTickCount
GetSystemInfo
CreateFileMappingA

ole32

CoGetObjectContext
CoFreeUnusedLibrariesEx
CoMarshalInterface
CoQueryProxyBlanket
BindMoniker
IIDFromString
OleCreateMenuDescriptor
CreateDataCache
OleCreateStaticFromData
OleCreateFromData
CoImpersonateClient
CoCreateGuid
CoUnmarshalInterface
CoGetMarshalSizeMax
FreePropVariantArray
ReadFmtUserTypeStg
CreateGenericComposite

shlwapi

PathGetDriveNumberW
PathRemoveBlanksW
PathRemoveArgsW
StrChrIW
StrFormatByteSizeW
PathSkipRootW

advapi32

RegDeleteValueA
GetUserNameA
QueryServiceLockStatusW
LogonUserW
SaferCreateLevel
OpenEventLogA
QueryServiceStatusEx
BuildTrusteeWithNameW
CredGetSessionTypes
GetServiceKeyNameW
SetThreadToken
RegRestoreKeyA
LogonUserA
ClearEventLogW
MakeAbsoluteSD
RevertToSelf
CreateServiceW
RegSetValueW
RegCreateKeyExA

Exports

Exports

uniUsermm

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8269b609eca36accc4cc4da8401cbc2

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB