3c91364391806d8f24279748393e523d85f7364e2856ee5ccc231b2f6696d27d

Sharing

Copy URL Twitter E-mail

General

Target

3c91364391806d8f24279748393e523d85f7364e2856ee5ccc231b2f6696d27d
Size

100KB
MD5

5df7f608eb330f96761061802e421967
SHA1

0502a3a2fb855ab4f0116451327d65cb5b21f12a
SHA256

3c91364391806d8f24279748393e523d85f7364e2856ee5ccc231b2f6696d27d
SHA512

f336a54d178d760b0823135a329e02342fbfeac4ca3dd3ae0edb74074cad671bab608d39457d848bfeec26ae46eeb994b8b04bc59636f9f3c8c1c988a2c850ff
SSDEEP

3072:OOhuX/4HR1K25ifqm+8EFo/nmfElDWU1lfMa:OIRE25fDooUpXM

Score

N/A

Malware Config

Signatures

Files

3c91364391806d8f24279748393e523d85f7364e2856ee5ccc231b2f6696d27d
.dll windows x86

92b233d3c375cb279329891f0f9e9581

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
GetAccessPermissionsForObjectW
GetSecurityDescriptorDacl
GetSecurityDescriptorOwner
GetServiceDisplayNameA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
SetNamedSecurityInfoA
SetNamedSecurityInfoW
SystemFunction017

gdi32

GetCharWidthW
AbortPath

kernel32

VirtualAlloc
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessW
FormatMessageA
FreeLibrary
GetCommMask
GetCurrentDirectoryA
GetCurrentProcess
GetLastError
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetSystemInfo
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
HeapAlloc
HeapFree
LoadLibraryA
LoadLibraryExA
LocalFree
MoveFileA
MultiByteToWideChar
SetCurrentDirectoryA
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
LoadResource
FindResourceA
CompareStringW
CompareStringA
GetLocaleInfoW
SetEnvironmentVariableA
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCommandLineA
ExitProcess
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

ole32

EnableHookObject
STGMEDIUM_UserMarshal

user32

wsprintfA
MessageBoxExA
LoadStringA
ExcludeUpdateRgn
CharPrevA
CharNextA

Exports

Exports

CEIBHJ

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92b233d3c375cb279329891f0f9e9581

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

user32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 28KB - Virtual size: 27KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 28KB - Virtual size: 27KB

.reloc
Size: 4KB - Virtual size: 3KB