ee79ce412f512027adf9ff4b56217922d41fe7c170dc15fa47f93f14aa5cd850

Sharing

Copy URL Twitter E-mail

General

Target

ee79ce412f512027adf9ff4b56217922d41fe7c170dc15fa47f93f14aa5cd850
Size

96KB
MD5

b2cb4083a9ac904c3ccf309ee8b823e3
SHA1

e65c171772abe8bb92e42b6a9f7b6781a5824a9d
SHA256

ee79ce412f512027adf9ff4b56217922d41fe7c170dc15fa47f93f14aa5cd850
SHA512

261760b92ae1734b7e43c830cafcf16f7d06064cd51d66f992c7255c2130a7b24fe68c35e1a6955e7d3649516982fa535e3bb8e785614b62872d6bf4929c28b3
SSDEEP

1536:qBm9ukzY/KPGVbceDUJujh71f4TdmHqdv2tk45C6GFUNSstDH2ClV:Gs5zobkJuN7B4TdmHqB2tkoHGSLDWCz

Score

N/A

Malware Config

Signatures

Files

ee79ce412f512027adf9ff4b56217922d41fe7c170dc15fa47f93f14aa5cd850
.dll windows x86

1f6002c8207d0e25788891c6603f3226

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GlobalHandle
SuspendThread
HeapFree
WaitForSingleObject
LocalFree
CreateFileA
SetEnvironmentVariableA
GetStartupInfoA
GetTimeFormatA
IsBadStringPtrW
ExitProcess
lstrcpyA
GetFileTime
GetStringTypeW
GetCurrentDirectoryW
MapViewOfFile
LocalAlloc
HeapCreate
CreateDirectoryW
ExitThread
GlobalReAlloc
InterlockedDecrement
SetEvent
SearchPathA
LoadResource
LeaveCriticalSection
GetConsoleMode
CloseHandle
CreateEventW
GetModuleHandleW
GetShortPathNameA
SetThreadPriority
lstrcpynW
lstrcpynA
lstrcmpiA
GetSystemTime
LCMapStringW
IsValidLocale
GetCurrentProcessId
GetFileSize
GetShortPathNameW
CopyFileW
SetCurrentDirectoryW
CreateMutexW
GlobalLock
GlobalUnlock
WideCharToMultiByte
GetStartupInfoW
GetCPInfo
LoadLibraryW
SetErrorMode
CreateMutexA
CreateEventA
WriteFile
CreateFileMappingA
CreateFileW
GetCurrentDirectoryA
IsValidCodePage
HeapReAlloc
SetStdHandle
QueryPerformanceCounter
LCMapStringA
GlobalFree
SetEndOfFile
UnmapViewOfFile
CreateDirectoryA
InterlockedExchange
GetHandleInformation
SetHandleCount
GetSystemInfo
DeleteCriticalSection
InitializeCriticalSection
GetACP
CreateFileMappingW
SetLastError
CopyFileA
GetTickCount
SizeofResource
GetThreadLocale
lstrlenW
GetLocaleInfoW
GetLastError
GetModuleHandleA
InterlockedIncrement
lstrlenA
lstrcmpiW
LoadLibraryA
FormatMessageA
SystemTimeToFileTime
VirtualQuery
CompareStringA
GetProcessHeap
lstrcmpA
SetFilePointer
GetTempPathW
GetModuleFileNameW
ReadFile
GetProcAddress
LockResource
InterlockedCompareExchange
IsBadWritePtr
HeapSize
FreeLibrary
GetVersionExA
GetVersion
LoadLibraryExW
WriteConsoleW
WriteConsoleA
ReleaseMutex
EnumSystemLocalesA
GetTempFileNameW
HeapAlloc
GetStringTypeA
GetThreadTimes
GetCurrentThreadId
CreateThread
GetLocalTime
GetLocaleInfoA
lstrcpyW
lstrcmpW
VirtualFree
GetCurrentThread
GetFileType
SetCurrentDirectoryA
HeapDestroy
GetTempPathA
RaiseException
lstrcatA
ExpandEnvironmentStringsA
Sleep
GlobalAlloc
GetVersionExW
CompareStringW
GetConsoleCP
VirtualAlloc

gdi32

SetMapMode
ExtTextOutA
PatBlt
RestoreDC
LineTo
SetWindowExtEx
GetTextMetricsA
GetViewportExtEx
CreateFontIndirectA
GetTextMetricsW
ExtTextOutW
TextOutW
CreateSolidBrush
CreateRectRgnIndirect
OffsetViewportOrgEx
CreateDIBSection
CreateFontA
SetBkColor
Polyline
SetStretchBltMode
Ellipse
SelectClipRgn
GetClipBox
GetObjectW
GetTextExtentPoint32A
GetClipRgn
StretchBlt

shell32

CommandLineToArgvW
DragQueryFileA
StrCmpNA
Shell_NotifyIconA
SHAppBarMessage
SHGetMalloc
SHGetInstanceExplorer
SHGetPathFromIDListA

shlwapi

PathMakeSystemFolderA
PathSearchAndQualifyA
PathCompactPathA
PathFileExistsA
PathIsRelativeA
PathIsFileSpecA
SHRegSetUSValueA
PathAppendA
PathIsURLA
SHRegQueryUSValueA
SHRegEnumUSKeyA
PathGetArgsA
PathRemoveArgsA
StrDupA
PathGetDriveNumberA
PathRemoveExtensionA
PathFindNextComponentA
PathRemoveBackslashA
PathIsDirectoryA
StrTrimA
PathFindOnPathA
PathRemoveFileSpecA
PathParseIconLocationA
SHDeleteValueA
SHRegWriteUSValueA
PathIsUNCServerShareA
StrToIntA
SHRegDeleteUSValueA
StrCSpnA
StrPBrkA
PathSkipRootA
PathIsPrefixA
PathIsUNCA
PathIsRootA
SHRegOpenUSKeyA
SHSetValueA
PathCombineA
SHQueryValueExA
SHDeleteKeyA
PathGetCharTypeA
SHRegEnumUSValueA
PathFindExtensionA
PathBuildRootA
PathCanonicalizeA
PathCommonPrefixA
SHRegQueryInfoUSKeyA
PathIsSystemFolderA
PathIsContentTypeA
SHRegDeleteEmptyUSKeyA
StrFormatByteSizeA
PathStripToRootA
PathAddBackslashA
PathFindFileNameA

version

VerQueryValueA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeW

msvcrt

_unlink
fwrite
fseek
ftell
fclose
memset
sprintf
printf
fread
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
fopen

Exports

Exports

apiexmzdwl

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f6002c8207d0e25788891c6603f3226

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

shlwapi

version

msvcrt

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 52KB - Virtual size: 48KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 52KB - Virtual size: 48KB

.reloc
Size: 4KB - Virtual size: 3KB