c6b85a0f7d86f7dba09b6d7091f26565ada6e67646a295b05507f29cc8efd5ba

Sharing

Copy URL Twitter E-mail

General

Target

c6b85a0f7d86f7dba09b6d7091f26565ada6e67646a295b05507f29cc8efd5ba
Size

440KB
MD5

ffa6052466cc4145da4e5586f338ee63
SHA1

7861a6a3eb323a7cff379e4adb4d94e0d03a431d
SHA256

c6b85a0f7d86f7dba09b6d7091f26565ada6e67646a295b05507f29cc8efd5ba
SHA512

e8377b8575bf32d38a357a3f9161ba079a3dc168a030c4595ee9433c9004d090793c66490b44ffeacfce3c18a957a3b025e640d9f7987e9f2ee5ed2d10e2009b
SSDEEP

12288:PYhE/SGvmabJilfq5ZtyCVTK2M0/j2Uy4VnIJtqwm5DoykV/J+kTH17sHBZ2/rjl:PGE/SGvi26Tm5DqTH17sHBML7a8QFl1I

Score

N/A

Malware Config

Signatures

Files

c6b85a0f7d86f7dba09b6d7091f26565ada6e67646a295b05507f29cc8efd5ba
.dll windows x86

f8753e607c65918b466a6eee15312717

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

_adjust_fdiv
_chmod
rename
__dllonexit
_initterm
_onexit
isdigit
_mbctype
??3@YAXPAX@Z
rand
memmove
strchr
_stricmp
strftime
_iob
fprintf
__CxxFrameHandler
difftime
time
strncpy
localtime
mktime
sprintf
strstr
printf
atol
_purecall
atoi
_ismbcspace
_vsnprintf
free
realloc
_lseeki64
malloc
_telli64
_errno
_chsize
_fstat
isspace
iscntrl
_strnicmp
strncmp
strpbrk
tolower
strrchr
getenv
??2@YAPAXI@Z
_stat
_strcmpi
_putenv
_sopen
_unlink
_write
_read
_tell
_lseek
_chdir
_open
_creat
_close
_mkdir
_rmdir
_getcwd

ole32

CoCreateInstance
CoInitialize
CoUninitialize

user32

wsprintfA
CharLowerA
SendMessageTimeoutA
EnumWindows
GetSystemMetrics
GetWindowLongA
SetWindowLongA
DestroyIcon
SystemParametersInfoA
SetWindowPos
SetForegroundWindow
CharNextA
CharPrevA
DdeDisconnect
DdeGetLastError
DdeConnect
DdeCreateStringHandleA
DdeFreeStringHandle
DdeInitializeA
DdeUninitialize
DdeFreeDataHandle
DdeGetData
DdeClientTransaction
FindWindowA

advapi32

RegEnumValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyA
RegSetValueA
RegEnumKeyExA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

shell32

SHChangeNotify
ExtractIconExA

kernel32

GetDiskFreeSpaceA
GetShortPathNameA
WideCharToMultiByte
GetTickCount
MultiByteToWideChar
DeleteFileA
GlobalMemoryStatus
CopyFileA
CreateMutexA
GetLastError
Sleep
GetPrivateProfileStringA
GetVersionExA
WritePrivateProfileStringA
GetWindowsDirectoryA
LoadLibraryA
GetPrivateProfileSectionNamesA
FreeLibrary
CreateFileA
GetProcAddress
ReadFile
SetFilePointer
GetFileSize
CloseHandle
InterlockedIncrement
WriteFile
WaitForSingleObject
GetModuleFileNameA
GetCurrentProcess
GetSystemDirectoryA
lstrcpynA
lstrcpyA
GetProfileStringA
GetSystemInfo
UnmapViewOfFile
WinExec
CreateFileMappingA
GetTempFileNameA
MapViewOfFile
SetProcessWorkingSetSize
lstrlenA
SetErrorMode
FindFirstFileA
FindNextFileA
FindClose
GetDriveTypeA
GetTempPathA
GetVersion
ResetEvent
SetEvent
CreateEventA
InterlockedDecrement

Exports

Exports

?DdeCallback@@YGPAUHDDEDATA__@@IIPAUHCONV__@@PAUHSZ__@@1PAU1@KK@Z
EventCallback
OnInstall
OnUninstall
RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 4KB - Virtual size: 378B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f8753e607c65918b466a6eee15312717

Headers

File Characteristics

Imports

pncrt

ole32

user32

advapi32

shell32

kernel32

Exports

Exports

Sections

.text Size: 300KB - Virtual size: 298KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 16KB - Virtual size: 20KB

_DATA Size: 4KB - Virtual size: 378B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 17KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 300KB - Virtual size: 298KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 16KB - Virtual size: 20KB

_DATA
Size: 4KB - Virtual size: 378B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 17KB

.rmnet
Size: 60KB - Virtual size: 60KB