338aee9f6be97b3499127fef277b963ffaf7ebd6230fa144a042f048507fd5b9

Sharing

Copy URL

Twitter E-mail

General

Target

338aee9f6be97b3499127fef277b963ffaf7ebd6230fa144a042f048507fd5b9
Size

278KB
MD5

3dd9b46dba391a9c27960361d1a8c160
SHA1

281b7b7d6d970483b09efa64b5c765f0156aa162
SHA256

338aee9f6be97b3499127fef277b963ffaf7ebd6230fa144a042f048507fd5b9
SHA512

56b17789c5e0a4669ec87521fe0c880412657d9f9d6fd9a99b52d6d4c73066b77f413591621b4c57ed5a3877b8267df5802352a77a7d3b37a04edc1caeabe5af
SSDEEP

6144:gphzQ2tSb2jMGtblrE0jWxpOEpedcVSJ:6zQ2K2jfREwW/OEpedcVS

Score

N/A

Malware Config

Signatures

Files

338aee9f6be97b3499127fef277b963ffaf7ebd6230fa144a042f048507fd5b9
.dll windows x86

0266da6fc0a251493c040c05db87776a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
CreateFileW
GetWindowsDirectoryW
lstrcatW
GetVersionExW
HeapFree
MoveFileExW
GetModuleFileNameW
SetLastError
GetLastError
lstrcmpW
DeleteFileA
SetThreadExecutionState
CloseHandle
CreateProcessW
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
OutputDebugStringW
CreateFileA
CreateMutexA
GetComputerNameW
SetFileAttributesA
SetFilePointer
GetCurrentThreadId
GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
HeapReAlloc
HeapAlloc
ExitProcess
SetEvent
CreateEventA
FormatMessageW
FormatMessageA
LocalAlloc
LocalFree
GetWindowsDirectoryA
SetThreadLocale
GetThreadLocale
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
WriteFile
ReleaseMutex
RaiseException
lstrcpyA
lstrlenA
WaitForMultipleObjects
InterlockedIncrement
InterlockedExchange
Sleep

user32

SetClipboardViewer
SendMessageA
SendMessageW
DefWindowProcA
LoadIconA

gdi32

GetStockObject

msvcrt

_c_exit
__CxxFrameHandler
iswcntrl
isxdigit
towlower
towupper
wcsncmp
wcslen
memmove
wcsrchr
wcsspn
iswspace
iswascii
wcspbrk
wcschr
wcsstr
_wcsnicmp
_wtol
_vsnwprintf
_wcsicmp
_CIpow
_purecall
swscanf
_ftol
iswdigit
_wtoi
iswalnum
_wtoi64
_controlfp
wcstoul
floor
memcmp
atoi
memset
_snwprintf
wcsncpy
wcscpy
memcpy
free
strchr
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
isdigit
ceil
_vsnprintf
_strnicmp
malloc
wcscat
rand
realloc
toupper
isspace
atol
swprintf
_stricmp
strncpy
wcscspn
_wcsupr
wcstombs
bsearch
_ultow
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
abs
qsort
wcscmp
srand
_beginthreadex

advapi32

RegOpenKeyExA
SetFileSecurityW
GetFileSecurityW
RegCloseKey
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegEnumValueW
RegEnumValueA
RegEnumKeyA
RegCreateKeyExW
RegCreateKeyExA
GetUserNameA

shell32

SHGetMalloc
SHFileOperationA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

shlwapi

PathGetCharTypeA
PathRemoveBackslashW
PathRemoveFileSpecW
UrlCombineW
PathGetCharTypeW
PathUndecorateW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0266da6fc0a251493c040c05db87776a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

shell32

shlwapi

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata5 Size: 512B - Virtual size: 100B

.rdata4 Size: 512B - Virtual size: 100B

.rdata3 Size: 512B - Virtual size: 100B

.rdata Size: 1024B - Virtual size: 624B

.data Size: 4KB - Virtual size: 4KB

.rdata2 Size: 245KB - Virtual size: 244KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 1024B - Virtual size: 828B

.text
Size: 4KB - Virtual size: 4KB

.rdata5
Size: 512B - Virtual size: 100B

.rdata4
Size: 512B - Virtual size: 100B

.rdata3
Size: 512B - Virtual size: 100B

.rdata
Size: 1024B - Virtual size: 624B

.data
Size: 4KB - Virtual size: 4KB

.rdata2
Size: 245KB - Virtual size: 244KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 1024B - Virtual size: 828B