52058b34217bdb00572872a66f68fb79d9a182042902174471250fb61f733ced

Sharing

Copy URL Twitter E-mail

General

Target

52058b34217bdb00572872a66f68fb79d9a182042902174471250fb61f733ced
Size

112KB
MD5

02c88582cbaf70e7291ca02b98d1f710
SHA1

41248f53e5b2dfdc40531540210f581706b1bb48
SHA256

52058b34217bdb00572872a66f68fb79d9a182042902174471250fb61f733ced
SHA512

fb12a62f0eca935d438ed21737dc72500b37719b6ba35cf05a099d5dd949778d0708a204b18caa0b00a231a10b3512c10f90837768e2eb12772510fe42380bee
SSDEEP

3072:8xoiIFxNVVaIi/8Q7ZDut+0Z7L9Qgdk8lH:8wVVa//1ZDut+OL9

Score

N/A

Malware Config

Signatures

Files

52058b34217bdb00572872a66f68fb79d9a182042902174471250fb61f733ced
.dll windows x86

59ee1716ef6aa0b608e1ab20d86f0055

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileExA
GetCommConfig
GetVolumePathNameW
SetFileAttributesW
GetConsoleAliasA
GetCurrentProcess
GetLocalTime
GetPrivateProfileSectionNamesA
GetFileSizeEx
GlobalDeleteAtom
DefineDosDeviceW
GetCurrentDirectoryA
SetLocaleInfoW
GetEnvironmentStringsW
CreateFileW
GetLongPathNameA
GetUserDefaultLangID
SetCalendarInfoA
GetProcessShutdownParameters
GetDiskFreeSpaceExA
RegisterWowExec
WriteProfileStringA
LockFile
FreeLibrary
InitializeCriticalSection
ExpandEnvironmentStringsW
lstrcatA
GetConsoleScreenBufferInfo
GetSystemTime
VirtualProtect
SetupComm
ReadConsoleOutputAttribute
SetInformationJobObject
lstrcmpiW
CreateJobObjectA
IsValidLocale
WritePrivateProfileStringA
GetConsoleCommandHistoryW
OpenEventW
CreateMailslotA
CreatePipe
GetProcessHeap
ConsoleMenuControl
CreateEventA
GetConsoleHardwareState
GetCurrentProcessId
GetThreadPriority
SetConsoleScreenBufferSize
PrepareTape
GetLogicalDrives
WriteConsoleInputVDMA
GetVolumeNameForVolumeMountPointA
GetStartupInfoW
UnlockFile
LoadLibraryW
FindNextVolumeA
FindResourceA
GetLocaleInfoW
GetCommandLineW
FileTimeToSystemTime
GetStringTypeExA
GetHandleInformation
GetModuleHandleA
ReplaceFile
CreateFileA
GetTickCount
SetVolumeMountPointA
QueryInformationJobObject
GetModuleFileNameW
LockResource
FormatMessageA
GetConsoleAliasExesLengthA
EnumDateFormatsW
BuildCommDCBAndTimeoutsW
WritePrivateProfileStringW
FindFirstVolumeA
GetVersion
WriteProfileSectionW
SetConsoleCP
FindNextVolumeMountPointW
TlsSetValue
Heap32Next
LoadLibraryA
VirtualAlloc
GetProcAddress
SetPriorityClass

gdi32

GetObjectA
GetStockObject
DeleteDC
CreateCompatibleDC
ResetDCW
SetPixelFormat
CreateCompatibleBitmap
GetTextFaceA
FillRgn
CombineRgn
InvertRgn
UnrealizeObject
CreateFontIndirectA
GdiPlayPrivatePageEMF
SetDIBColorTable
GdiArtificialDecrementDriver
SelectObject
CreateEllipticRgn
LineTo
PolyBezier

advapi32

OpenServiceW
SetEntriesInAccessListA
LsaOpenAccount
ElfOpenEventLogW
LsaRetrievePrivateData
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegOpenKeyExW
InitializeAcl
FileEncryptionStatusA
AccessCheck
RegOpenKeyExA
SystemFunction009
GetSecurityDescriptorOwner
CryptSetProviderExW
CryptSignHashA
LsaRemoveAccountRights
GetCurrentHwProfileW
ClearEventLogW
RegisterEventSourceW
SystemFunction002
QueryUsersOnEncryptedFile
QueryServiceObjectSecurity
GetAce
LsaCreateTrustedDomain

winmm

waveInGetDevCapsW
PlaySoundA
waveOutUnprepareHeader
mciGetDeviceIDA
DefDriverProc
mmioAdvance
auxGetNumDevs
waveOutMessage
mmTaskSignal
waveInGetPosition
timeBeginPeriod
mmioRead
mmioRenameW
waveOutBreakLoop
timeSetEvent
OpenDriver
mmioClose
waveOutSetPlaybackRate
midiOutUnprepareHeader
mmioRenameA
timeGetTime
waveOutGetPosition
mmioSendMessage
waveOutGetErrorTextW
waveOutClose
WOW32DriverCallback

msvcrt

_adj_fptan
_mbsnset
_mbsnicmp
_mbsrchr
_mbsnbcpy
_wexecvp
_wgetdcwd
time
_wunlink
__unDNameEx
feof
memset
printf
_ismbcl0
fwprintf
_get_sbh_threshold
_chsize
ftell
_ismbcspace
_adj_fpatan
_unlink
_wcreat
cos
_getdrive
fread
_wfindnexti64
_fpreset
_ismbbkana
fputs
__p___winitenv
fclose
_CItan
_sys_nerr
fseek
_creat
_wfreopen
fputc
_strcmpi
fsetpos
_mbsinc
strncpy
sprintf
floor
fopen
_cprintf
_mbschr
_setsystime
_wspawnve
ferror
_copysign
_fstat
fprintf
fwrite
_mbccpy
_fputwchar

Exports

Exports

Hgiyu
Ujrob

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59ee1716ef6aa0b608e1ab20d86f0055

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

winmm

msvcrt

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 52KB - Virtual size: 48KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 52KB - Virtual size: 48KB

.reloc
Size: 8KB - Virtual size: 4KB