2690a7f4111340b2ffcc9a8feae33140878fd1f1062bb8848ec9d3110384dec1

Sharing

Copy URL Twitter E-mail

General

Target

2690a7f4111340b2ffcc9a8feae33140878fd1f1062bb8848ec9d3110384dec1
Size

360KB
MD5

d9f701947f93b69a835fcf75c73ceab0
SHA1

ed2e814641fe2b31cb3e05ed16a83a62faf6e254
SHA256

2690a7f4111340b2ffcc9a8feae33140878fd1f1062bb8848ec9d3110384dec1
SHA512

9deb3cc738f276dfc5b99d8719ff89eee9824411f05c960eac6d5e974dfaff4afb8ed8a9502c4c996dc543b5c33fbfc7a7dc9f00125076db86a3d336e7eac4f1
SSDEEP

6144:wDZ+iWIlV3NzMVBdY10jHS9ZrCp6nRfSgcDPtxNL3P8bTSf:w533NgVBq1079ef5cDVr0b

Score

N/A

Malware Config

Signatures

Files

2690a7f4111340b2ffcc9a8feae33140878fd1f1062bb8848ec9d3110384dec1
.dll windows x86

47eaf647416bd4d35d7eb19b51b40798

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

LoadTypeLi
SysFreeString
UnRegisterTypeLi
SysAllocString
SysStringLen
RegisterTypeLi
VarUI4FromStr

shell32

ShellExecuteW

advapi32

RegEnumKeyExW
RegCloseKey
RegQueryValueExW
CryptGetKeyParam
RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyExW

ole32

CoTaskMemAlloc
CoInitialize
CoTaskMemRealloc
CoInitializeEx
CoUninitialize
CoCreateInstance

kernel32

InterlockedExchange
LeaveCriticalSection
DeviceIoControl
GetDateFormatA
CloseHandle
EnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentThreadId
LocalAlloc
ReadFile
FreeLibrary
VirtualAlloc
GetTickCount
SetEvent
InterlockedCompareExchange
LoadResource
SetUnhandledExceptionFilter
WideCharToMultiByte
CreateMutexW
QueryPerformanceCounter
lstrcmpiW
GetVersionExA
GlobalAlloc
MultiByteToWideChar
CreateFileW
UnhandledExceptionFilter
Sleep
DeleteCriticalSection
GetModuleHandleA
LocalFree
GlobalFree
RaiseException
InterlockedIncrement
WaitForSingleObject
lstrlenW
GetModuleFileNameW
InterlockedDecrement
GetLastError
TerminateProcess
GetCurrentProcessId
GetModuleHandleW
InitializeCriticalSection

Exports

Exports

ExecCodeModuleEx
NewWrapper
SetEncoding
StringAFromFormat
UnicodeFilename
VaParse
_Concat

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47eaf647416bd4d35d7eb19b51b40798

Headers

File Characteristics

Imports

oleaut32

shell32

advapi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 8KB - Virtual size: 7KB