125eef210cc32d4ff4f4e5266fbc069d2b6ad1c34b4636c173ca2edebbc48a4f

Sharing

Copy URL Twitter E-mail

General

Target

125eef210cc32d4ff4f4e5266fbc069d2b6ad1c34b4636c173ca2edebbc48a4f
Size

276KB
MD5

de8153340f55235b36b849dfb2a2a9e0
SHA1

9e7e125ca0060dc9669a64fc0df912993774ecfb
SHA256

125eef210cc32d4ff4f4e5266fbc069d2b6ad1c34b4636c173ca2edebbc48a4f
SHA512

faed207b78a3537d006ba14f72b78d31a3ae7cda79b6625f17c9ab66612b9683c5311e4ceeb77850e4a05491bf6d6d006ffc7ed42ee1d67da4530936f5d555fb
SSDEEP

3072:pp3jVyxnbioM2/rwqhjAF9tVXBr6NTbXDtZH5jYyvyt9qe8lxjFzXm0bAglhffMH:zJSnbii6FiTbXDD5xvytse2zX9bFl

Score

N/A

Malware Config

Signatures

Files

125eef210cc32d4ff4f4e5266fbc069d2b6ad1c34b4636c173ca2edebbc48a4f
.dll windows x86

2fa877b8851b1f93702beb5de061dc2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
SystemTimeToFileTime
SetFileTime
UnlockFile
LockFile
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
DuplicateHandle
WriteConsoleA
SetConsoleMode
ReadConsoleA
HeapSize
HeapWalk
HeapCompact
HeapValidate
CreateProcessW
CreateProcessA
GetExitCodeProcess
MoveFileA
GetDriveTypeW
CreateDirectoryW
SetFileAttributesW
SetCurrentDirectoryW
GetCurrentDirectoryW
DeleteFileA
RemoveDirectoryA
CreateDirectoryA
GetDriveTypeA
GetFullPathNameA
SetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetLogicalDrives
FileTimeToLocalFileTime
FileTimeToSystemTime
Beep
SetEnvironmentVariableA
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
CompareStringW
CompareStringA
SetStdHandle
FlushFileBuffers
InterlockedDecrement
SetConsoleCtrlHandler
LCMapStringA
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetProcAddress
GetOEMCP
GetCPInfo
GetStartupInfoA
GetFileType
SetHandleCount
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
HeapAlloc
HeapFree
FindNextFileW
FindNextFileA
GetCommandLineW
ExitThread
CreateThread
ResumeThread
GetVersion
WriteFile
ExitProcess
GetModuleFileNameW
GetModuleFileNameA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
RtlUnwind
CreateFileA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
GetFileAttributesExW
GetCurrentThread
GetFileInformationByHandle
FindClose
GetCompressedFileSizeW
LocalFree
GetTempPathW
GetFileAttributesW
RemoveDirectoryW
OutputDebugStringA
GetModuleHandleW
GetVolumeInformationW
CreateFileW
LoadLibraryExW
GetComputerNameExW
FindFirstFileW
GetFullPathNameW
LoadLibraryA
FreeLibrary
SetLastError
ReadFile
CloseHandle
GetLastError
SetErrorMode
GetStdHandle
GetConsoleMode
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
GetExitCodeThread
OpenThread
LoadLibraryW
GetFileAttributesA
WideCharToMultiByte
GetModuleHandleA
GetVersionExA
GetSystemInfo
lstrcmpiA
QueryPerformanceFrequency
MultiByteToWideChar
VirtualQuery
InitializeCriticalSection
Sleep
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsDebuggerPresent
lstrcmpiW
SearchPathW
GetVersionExW
GetSystemDefaultLangID
GetWindowsDirectoryW
GetSystemDirectoryW
lstrlenW
lstrcpyW
lstrlenA
WaitForMultipleObjects
lstrcpynW
ReleaseSemaphore
SetEnvironmentVariableW
GetACP
GetThreadLocale
DisableThreadLibraryCalls
InterlockedExchange
LocalAlloc
GetCommandLineA
TlsSetValue
GetDiskFreeSpaceA
EnumCalendarInfoA
GetFileSize
GlobalGetAtomNameW
GetProcessHeap
IsDBCSLeadByte
FindResourceA
LoadResource
SizeofResource
InterlockedCompareExchange
lstrcmpA
TlsFree
InterlockedIncrement

user32

GetCursorPos
GetScrollInfo
GetSystemMetrics
CharToOemA
SetRect
FillRect
EndPaint
ClientToScreen
CreateDialogParamA
CheckMenuItem
TrackPopupMenuEx
CallWindowProcA
DefWindowProcA
ReleaseDC
GetDC
GetWindowLongA
ScrollWindowEx
DrawTextA
UpdateWindow
ShowWindow
LoadIconA
LoadMenuA
LoadCursorA
TranslateAcceleratorA
LoadAcceleratorsA
EnableMenuItem
GetMenu
SetWindowLongA
InsertMenuItemA
CreatePopupMenu
SetWindowPos
SetScrollInfo
DialogBoxParamA
OemToCharA
GetKeyboardType
LoadStringW
LoadStringA
ScreenToClient
CharNextA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

advapi32

RegCloseKey
OpenThreadToken
DeregisterEventSource
RegQueryValueExW
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetTokenInformation
GetExplicitEntriesFromAclW
ReportEventW
GetUserNameW
GetFileSecurityW
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
FreeSid
SetSecurityDescriptorOwner
AllocateAndInitializeSid
RegQueryValueExA
RegSetValueExA
GetSecurityDescriptorControl
GetNamedSecurityInfoW
SetSecurityDescriptorControl
RegDeleteKeyW
AccessCheck

shell32

SHGetMalloc
ShellExecuteW
SHGetFolderPathW

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoSetProxyBlanket
StringFromCLSID
CoQueryProxyBlanket
CoCreateInstance

oleaut32

SysFreeString

msvcrt

memset
strncmp
isdigit
atoi
atol
toupper
fread
realloc
wctomb
fclose
isxdigit
isleadbyte
calloc
isspace
ftell
malloc
free
strchr
strtok
strrchr
strncpy
memmove
wcsrchr
wcschr
wcstok
wcsncpy
fseek
bsearch
localeconv
wcstombs

comctl32

InitCommonControlsEx

wininet

InternetOpenUrlW
InternetReadFile
HttpQueryInfoW
InternetSetOptionW
InternetGetConnectedStateExW
InternetOpenW

Exports

Exports

ATheAccess
OfYourAccesses
ServerCALsForThe
TheAny
TheIdentifiedDeviceSeparateUsers
YourInstancesNot

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fa877b8851b1f93702beb5de061dc2a

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

msvcrt

comctl32

wininet

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 92KB - Virtual size: 162KB

.rsrc Size: 24KB - Virtual size: 21KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 92KB - Virtual size: 162KB

.rsrc
Size: 24KB - Virtual size: 21KB

.reloc
Size: 4KB - Virtual size: 1KB