7ec71d1b31eadd79bfa38004dbfabb655f674aa20c0d0b6f8bee203166a12eb9

Sharing

Copy URL Twitter E-mail

General

Target

7ec71d1b31eadd79bfa38004dbfabb655f674aa20c0d0b6f8bee203166a12eb9
Size

100KB
MD5

6bdb84e9eb44c93220c9d5cfd60ad990
SHA1

1f47b84a94ff5fe6c033e961e7ab606e51a4c7da
SHA256

7ec71d1b31eadd79bfa38004dbfabb655f674aa20c0d0b6f8bee203166a12eb9
SHA512

593567a5c7db127c3791ca363549b14bb690ae33e50ced09a92bc727395e35459090b48e4d5c43364792e5dcb238c56655b6d2e424359cfb7777875f5c9bad77
SSDEEP

3072:AOhuX/4CR1K25ifqm+8EFojnmfElBP6VdSg9:AxRE25fDoUfTSC

Score

N/A

Malware Config

Signatures

Files

7ec71d1b31eadd79bfa38004dbfabb655f674aa20c0d0b6f8bee203166a12eb9
.dll windows x86

92b233d3c375cb279329891f0f9e9581

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
GetAccessPermissionsForObjectW
GetSecurityDescriptorDacl
GetSecurityDescriptorOwner
GetServiceDisplayNameA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
SetNamedSecurityInfoA
SetNamedSecurityInfoW
SystemFunction017

gdi32

GetCharWidthW
AbortPath

kernel32

VirtualAlloc
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessW
FormatMessageA
FreeLibrary
GetCommMask
GetCurrentDirectoryA
GetCurrentProcess
GetLastError
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetSystemInfo
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
HeapAlloc
HeapFree
LoadLibraryA
LoadLibraryExA
LocalFree
MoveFileA
MultiByteToWideChar
SetCurrentDirectoryA
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
LoadResource
FindResourceA
CompareStringW
CompareStringA
GetLocaleInfoW
SetEnvironmentVariableA
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCommandLineA
ExitProcess
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

ole32

EnableHookObject
STGMEDIUM_UserMarshal

user32

wsprintfA
MessageBoxExA
LoadStringA
ExcludeUpdateRgn
CharPrevA
CharNextA

Exports

Exports

kzngachnh

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92b233d3c375cb279329891f0f9e9581

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

user32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 28KB - Virtual size: 27KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 28KB - Virtual size: 27KB

.reloc
Size: 4KB - Virtual size: 3KB