728927e7fd79d8efc19bea939bb4e89953aba2fd8bea6e584186276a636a382f

Sharing

Copy URL Twitter E-mail

General

Target

728927e7fd79d8efc19bea939bb4e89953aba2fd8bea6e584186276a636a382f
Size

116KB
MD5

9663e9cfe1ae786ca7691fca4eed7813
SHA1

6213ec7528df7ac1532fec9f30ea789a372232e9
SHA256

728927e7fd79d8efc19bea939bb4e89953aba2fd8bea6e584186276a636a382f
SHA512

1d387e6379fe18caa14c5c72eaa687456c534426fd217e554fcf25ada3e7dbfc2c74f89f7b8fbe8dbeef0bbca4ece64ece36cbdff526fee7bc24ced95de10d54
SSDEEP

3072:ItMUmCPk1CGfzFlZkwTh68WNqjAXLWoDiKsfXV6AMtHaaU:IhfQZ5lZVThjR4ixXV6AGHnU

Score

N/A

Malware Config

Signatures

Files

728927e7fd79d8efc19bea939bb4e89953aba2fd8bea6e584186276a636a382f
.dll windows x86

ae2a1ce80143ad8f514431cd60eaa47f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetConsoleAliasExesW
GetPrivateProfileStructW
GlobalAlloc
FreeLibrary
LocalSize
GetShortPathNameW
ReadConsoleInputExA
FlushViewOfFile
ChangeTimerQueueTimer
GetVersion
FreeEnvironmentStringsW
SetConsoleCtrlHandler
SetConsoleTitleW
GetModuleHandleA
GetHandleInformation
IsValidLocale
OpenWaitableTimerW
LoadLibraryA
GetProcAddress
VirtualAlloc
GetSystemTime

user32

SetDeskWallpaper
GetCaretPos
DdeNameService
InSendMessageEx
GetKeyboardLayout
IsWindowVisible
SetSystemCursor
MessageBoxExA
ChangeDisplaySettingsW
NotifyWinEvent
DlgDirListA
CharPrevA
GetParent
ScrollWindow
DlgDirListComboBoxA
DrawFrame
FlashWindowEx
SetWindowTextA
UnpackDDElParam
EnumWindows
GetScrollBarInfo
CreateWindowExA
DrawEdge
SetCaretBlinkTime
ShowScrollBar
BeginDeferWindowPos
ScrollWindowEx
GetDlgItemTextW
MessageBoxW
OemToCharA
GetAsyncKeyState

advapi32

QueryServiceLockStatusW
GetAuditedPermissionsFromAclA
RegEnumValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidA
GetServiceKeyNameA
LsaEnumerateAccountsWithUserRight
PrivilegeCheck
QueryRecoveryAgentsOnEncryptedFile
RegisterEventSourceA
AreAllAccessesGranted
RegSaveKeyW
SystemFunction029
InitializeSecurityDescriptor

msvcrt

sprintf
_mbsnbcat
_mbsnextc
__mb_cur_max
_y1
_makepath
memset
fread
_finite
_ultoa
feof
ferror
fputs
wcstod
printf
ldiv
fprintf
fclose
_wperror
_locking
_ismbbkpunct
_stati64
_ismbcl1
_chdrive
getenv
_wexecl
_wspawnv
__RTDynamicCast
_isnan
fwrite
fseek
ftell
__threadhandle
_mbsnccnt
_except_handler3
_unlink
_wremove
_wsplitpath
fputc
_mbspbrk
__dllonexit
fsetpos
_strset
fwprintf
__crtCompareStringA
iswalpha
_Strftime
fopen
_strcmpi
_ismbbpunct

Exports

Exports

Aodu
Nijen
Npocycuvh
Wefrdolyyr
Yetb

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae2a1ce80143ad8f514431cd60eaa47f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 49KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 49KB

.reloc
Size: 8KB - Virtual size: 6KB