1788de3155fbe8c3a4e35d9b1ea48c3df0fb2a1c34583b48e4fd044a9a419aa9

Sharing

Copy URL Twitter E-mail

General

Target

1788de3155fbe8c3a4e35d9b1ea48c3df0fb2a1c34583b48e4fd044a9a419aa9
Size

138KB
MD5

b087c0c254d77b263dd21034ae5f0f80
SHA1

9051021f5bd983c5892f585cc7894280512e74b0
SHA256

1788de3155fbe8c3a4e35d9b1ea48c3df0fb2a1c34583b48e4fd044a9a419aa9
SHA512

81a77580cceb8fee22175817632115ea1c3e7f3021389e2bdc98d82d054592d62a65dce6175e5539d5b4c4f8fea52b47a7429a21a7118dc2fab0a45f66f68265
SSDEEP

3072:CF6RCB865k4yJryEqyX9Hu4czcV6ffQb4IL4WU3OEI:CARCarBykDcEShY

Score

N/A

Malware Config

Signatures

Files

1788de3155fbe8c3a4e35d9b1ea48c3df0fb2a1c34583b48e4fd044a9a419aa9
.dll windows x86

443336c67b5eb1a236ce7b5df00a0054

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
LookupAccountNameW
RegDeleteValueA
RegSetValueExA
RegisterServiceCtrlHandlerW
RegCreateKeyW
OpenServiceW
CryptHashData
RegCreateKeyA
CryptDeriveKey
RegDeleteKeyA
CryptDestroyKey
RegQueryValueExA
RegEnumKeyExA
OpenEventLogW
EqualSid
RegSetValueExW

kernel32

GetVersion
CreateRemoteThread
GlobalHandle
MulDiv
GetCommandLineW
GetSystemDirectoryA
CopyFileW
WaitForSingleObject
GetWindowsDirectoryW
GetShortPathNameA
GetFullPathNameW
SetFilePointer
OpenSemaphoreW
FindClose
ResumeThread
LoadLibraryW
ClearCommError
GetFileType
OpenFileMappingW
GetCurrentThreadId
SetUnhandledExceptionFilter
TransactNamedPipe
ConnectNamedPipe
SetEndOfFile
FindNextFileW
LocalLock
WinExec
CreateSemaphoreA
CancelWaitableTimer
GetTempFileNameW
FindFirstFileW
DuplicateHandle
CopyFileA
GetProcAddress
UnmapViewOfFile
VirtualFree
InitializeCriticalSection
IsValidLanguageGroup
SetThreadContext
SetNamedPipeHandleState
FindResourceW
VirtualQuery
HeapFree
FindFirstFileA
HeapValidate
ReleaseSemaphore
GetModuleFileNameA
FlushFileBuffers
GetOverlappedResult
GetSystemDefaultLangID
GetTimeFormatA
ReleaseMutex
SetFileAttributesW
GetBinaryTypeA
lstrcpyA
CreateFileMappingA
TlsFree
GlobalFindAtomW
VerifyVersionInfoW
SetCurrentDirectoryW
GetCommState
GetLastError
GetPriorityClass

shlwapi

StrToIntA
PathIsFileSpecW

user32

IsIconic

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.netd
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vnet
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kopr
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mant
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sert
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.loba
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

443336c67b5eb1a236ce7b5df00a0054

Headers

File Characteristics

Imports

advapi32

kernel32

shlwapi

user32

Sections

.text Size: 67KB - Virtual size: 67KB

.netd Size: 512B - Virtual size: 28B

.vnet Size: 512B - Virtual size: 64B

.data Size: 5KB - Virtual size: 4KB

.kopr Size: 18KB - Virtual size: 17KB

.mant Size: 17KB - Virtual size: 17KB

.sert Size: 9KB - Virtual size: 8KB

.loba Size: 15KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 67KB - Virtual size: 67KB

.netd
Size: 512B - Virtual size: 28B

.vnet
Size: 512B - Virtual size: 64B

.data
Size: 5KB - Virtual size: 4KB

.kopr
Size: 18KB - Virtual size: 17KB

.mant
Size: 17KB - Virtual size: 17KB

.sert
Size: 9KB - Virtual size: 8KB

.loba
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB