96c0529fef9550e37f4a35ad9a363b122c8638cc6df3fee5d2fae450c5f38eeb

Sharing

Copy URL Twitter E-mail

General

Target

96c0529fef9550e37f4a35ad9a363b122c8638cc6df3fee5d2fae450c5f38eeb
Size

257KB
MD5

7f0814fda91c9fdb0afcaf25bab08cb1
SHA1

c00b602cf0c4db0cb3f29994a8270a4c1a88b28f
SHA256

96c0529fef9550e37f4a35ad9a363b122c8638cc6df3fee5d2fae450c5f38eeb
SHA512

415071152986f6f5423600424b2b71188685ae8a42bf7b05ccc55bd1097e3f51b96c9edf5749a7d09a084c11576628793ce1e5961d8ad556dce2c36825c8643b
SSDEEP

6144:d0g2ZiMlB4pBS1Xi42FnJuCa3NzKPtsCV6UsDFooE3:ig2ZiMHeGybHxttsMcq

Score

N/A

Malware Config

Signatures

Files

96c0529fef9550e37f4a35ad9a363b122c8638cc6df3fee5d2fae450c5f38eeb
.exe windows x86

db335b8243a5a53df4f93ee7223e5ed7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharLowerW
ExitWindowsEx
wsprintfA
CharUpperA
OemToCharBuffA
GetSystemMetrics
CharLowerA
CharUpperW
CharToOemBuffA

advapi32

OpenProcessToken
LookupAccountSidA
AllocateAndInitializeSid
LookupPrivilegeValueA
SetSecurityDescriptorDacl
DuplicateToken
AdjustTokenPrivileges
InitializeAcl
GetUserNameA
ImpersonateLoggedOnUser
FreeSid
DuplicateTokenEx
RevertToSelf
SetSecurityDescriptorSacl
CopySid
GetLengthSid
SetThreadToken
InitializeSecurityDescriptor
AddAccessAllowedAce
OpenThreadToken
GetTokenInformation
EqualSid

shlwapi

PathUnExpandEnvStringsA
PathUnExpandEnvStringsW
PathIsRootA
StrStrNW
PathSearchAndQualifyW
PathFindExtensionW
PathIsPrefixA
PathUnmakeSystemFolderW
PathRemoveBlanksA
PathIsUNCServerA
StrRStrIA
SHQueryInfoKeyW
PathAppendW
SHRegWriteUSValueW
DllGetVersion
UrlIsA
PathGetCharTypeW
StrCmpNW
PathRemoveBlanksW
UrlHashA
SHRegCloseUSKey
PathSearchAndQualifyA
SHSkipJunction
PathCommonPrefixA
StrCatChainW
PathIsSameRootA
UrlIsW
SHDeleteKeyA
SHIsLowMemoryMachine
StrRChrIA
StrToIntA
StrChrNW
PathBuildRootA
PathFindSuffixArrayW
StrCSpnA
UrlEscapeA
PathCommonPrefixW
StrFormatKBSizeA
ColorRGBToHLS

kernel32

WaitForSingleObjectEx
SetUnhandledExceptionFilter
CreateMutexA
ResetEvent
ReleaseSemaphore
OutputDebugStringA
lstrcpyW
HeapReAlloc
GetModuleHandleW
GetWindowsDirectoryA
GlobalMemoryStatus
UnhandledExceptionFilter
EnterCriticalSection
HeapAlloc
HeapFree
GetSystemDirectoryA
GetSystemTimeAsFileTime
SleepEx
QueryPerformanceFrequency
SetErrorMode
IsDebuggerPresent
OpenMutexA
ReleaseMutex
LeaveCriticalSection
VirtualUnlock
ExpandEnvironmentStringsW
GetSystemInfo
OpenProcess
VirtualProtect
HeapDestroy
CloseHandle
GetCurrentThreadId
HeapValidate
CreateSemaphoreW
OpenEventA
GetProcessHeap
ExpandEnvironmentStringsA
VirtualLock
CreateSemaphoreA
GetTempFileNameA
DeleteCriticalSection
VirtualAlloc
FreeLibrary
CreateEventA
PulseEvent
HeapSize
lstrcpyA
VirtualFree
WaitForSingleObject
WideCharToMultiByte
GetTempPathA
GetModuleHandleA
OpenSemaphoreA
GlobalMemoryStatusEx
GetStartupInfoW
VirtualAllocEx

tapi3

DllCanUnloadNow

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.UOxl
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GQKuR
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rebu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lCAnT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gZuLycI
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dmItC
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LEKyy
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db335b8243a5a53df4f93ee7223e5ed7

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

shlwapi

kernel32

tapi3

Sections

.text Size: 18KB - Virtual size: 17KB

.UOxl Size: 2KB - Virtual size: 2KB

.GQKuR Size: 3KB - Virtual size: 2KB

.rebu Size: 1KB - Virtual size: 1KB

.lCAnT Size: 3KB - Virtual size: 2KB

.rdata Size: 209KB - Virtual size: 208KB

.gZuLycI Size: 2KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 284KB

.rsrc Size: 4KB - Virtual size: 3KB

.dmItC Size: 2KB - Virtual size: 2KB

.LEKyy Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.UOxl
Size: 2KB - Virtual size: 2KB

.GQKuR
Size: 3KB - Virtual size: 2KB

.rebu
Size: 1KB - Virtual size: 1KB

.lCAnT
Size: 3KB - Virtual size: 2KB

.rdata
Size: 209KB - Virtual size: 208KB

.gZuLycI
Size: 2KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 284KB

.rsrc
Size: 4KB - Virtual size: 3KB

.dmItC
Size: 2KB - Virtual size: 2KB

.LEKyy
Size: 2KB - Virtual size: 1KB