c484c2ab09cae0ea5e7381e558b33cb046e4c679347a01d1938436a37c1e156a

Sharing

Copy URL Twitter E-mail

General

Target

c484c2ab09cae0ea5e7381e558b33cb046e4c679347a01d1938436a37c1e156a
Size

99KB
MD5

2d436337ccc9f0b110b8466c56721864
SHA1

35846bd79a495059a09b869ed6dd24b359278278
SHA256

c484c2ab09cae0ea5e7381e558b33cb046e4c679347a01d1938436a37c1e156a
SHA512

7e683ce8cd588d84454fc62ee436606dc94ea0f63827f2cc526dcc499e4280041dfa5f13a225effa7a66b438ac36f33e4cf73834bd4e7012e46fa1e3bda6d5f8
SSDEEP

1536:U93g8BRSn2iFytEJg4rpBfMOVcKnpfdcKpmlzVXIbhOuV4axi42P9xKXU/:U93TaLy+JgKfMOmKnpfuKyV8lBOFsE

Score

N/A

Malware Config

Signatures

Files

c484c2ab09cae0ea5e7381e558b33cb046e4c679347a01d1938436a37c1e156a
.dll windows x86

ecf284c80645986e7ed6692a2a33b2cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
LockResource
GetModuleHandleA
LocalSize
CloseHandle
LocalFree
SuspendThread
ResumeThread
SetFileAttributesA
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
LockFileEx
LocalReAlloc
GetFileAttributesA
HeapDestroy
GetProcessHeap
LockFile
UnlockFile
CompareFileTime
SystemTimeToFileTime
GlobalAddAtomA
GetCommandLineW
LoadResource
lstrcmpA
FindResourceA
lstrcpyA
GetSystemTime
VirtualProtectEx
MulDiv
SetFileTime
ExpandEnvironmentStringsA
GetModuleHandleW
SetEnvironmentVariableW
GetCurrentProcess
SizeofResource
WaitForSingleObject
LocalAlloc

user32

IsCharAlphaNumericA
GetWindow
SetClipboardViewer
UpdateWindow
GetClipboardViewer
SetWindowPos
SetCursorPos
MessageBoxA
GetDC
OpenIcon
EndPaint
SetWindowRgn
DrawTextW
GetParent
IsWindowEnabled
SetParent
BeginPaint
TranslateMessage
GetWindowTextW
PeekMessageA
TranslateAcceleratorA
SetClassLongA
GetWindowRgn
CreateWindowExW
DispatchMessageA
ValidateRgn
CallWindowProcA
SetWindowTextW
SetMessageQueue
GetMessageTime
GetMessagePos
GetClassLongA
MoveWindow
GetWindowLongW
GetClassWord
SwitchToThisWindow

gdi32

DPtoLP
GetCharWidthA
GetTextMetricsW
SetDCPenColor
Chord
GetPixel
RestoreDC
GetDeviceCaps
UnrealizeObject
DeleteObject
CreateCompatibleDC
GetObjectW
GetDCPenColor
SetTextJustification

advapi32

ReportEventA
GetOldestEventLogRecord
DeregisterEventSource
GetKernelObjectSecurity
OpenBackupEventLogW
OpenEventLogW
OpenEncryptedFileRawW
GetTokenInformation
ReadEncryptedFileRaw
ReadEventLogW

Exports

Exports

_AddCacheData@4
_CreateCacheData@12
_FindSelfObj@4
_GetCacheDataSize@16
_OpenCacheData@4

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

GLOBAL
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TLS
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 830B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecf284c80645986e7ed6692a2a33b2cb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 3KB

GLOBAL Size: 512B - Virtual size: 32B

CONST Size: 512B - Virtual size: 504B

TLS Size: 512B - Virtual size: 320B

.rsrc Size: 80KB - Virtual size: 80KB

.reloc Size: 1024B - Virtual size: 830B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 3KB

GLOBAL
Size: 512B - Virtual size: 32B

CONST
Size: 512B - Virtual size: 504B

TLS
Size: 512B - Virtual size: 320B

.rsrc
Size: 80KB - Virtual size: 80KB

.reloc
Size: 1024B - Virtual size: 830B