00af617a8f42b1fd7da3ae7b89a63d4113de5e57ea070aa39950fda15158af17

Sharing

Copy URL Twitter E-mail

General

Target

00af617a8f42b1fd7da3ae7b89a63d4113de5e57ea070aa39950fda15158af17
Size

116KB
MD5

245c6ddd4ac1e5504723c05de421af90
SHA1

70d118c1a25520af9cbf067deacf8a7bea9f2f25
SHA256

00af617a8f42b1fd7da3ae7b89a63d4113de5e57ea070aa39950fda15158af17
SHA512

c6f4de94d928609b75b3f92cb6f928ba19726164caff7472f1130bfaea54ffa9fb8472010d557a0af56ad02075f6bd5c81f39c83019aa6ef384c443a934f9c8b
SSDEEP

1536:bMbPf0VT1EeOVzOTLOhT5SnDf72o5yLH6xkFurvGvVRvem0Juh7czgiTrEnYo7X8:+f0lOxjK2oyRUvGmm8uh7Dn77gz

Score

N/A

Malware Config

Signatures

Files

00af617a8f42b1fd7da3ae7b89a63d4113de5e57ea070aa39950fda15158af17
.dll windows x86

c73547fbc5bdf5b79c87214b76dbf17a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
LockServiceDatabase
GetSecurityDescriptorControl
RegEnumValueW
RegDeleteValueA
RegQueryInfoKeyA
RegCreateKeyExW
RegEnumValueA
UnlockServiceDatabase
ChangeServiceConfig2A
ChangeServiceConfigA
RegOpenKeyW
RegFlushKey
EqualSid
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
CloseServiceHandle
RegEnumKeyExA

version

GetFileVersionInfoSizeA

kernel32

RtlUnwind
GetStringTypeW
IsValidLocale
GetHandleInformation
LoadLibraryA
GetProcAddress
GetModuleHandleA
VirtualAlloc
InterlockedExchange
CreateDirectoryA
CreateDirectoryW
LeaveCriticalSection
FindResourceExW
GetModuleFileNameW
GetThreadTimes
CreateMutexW
GetTempFileNameW
GlobalHandle
lstrcpyW
lstrcatA
SetThreadPriority
LocalFree
GetProcessHeap
GetCurrentDirectoryA
GetStartupInfoA
SetCurrentDirectoryW
UnmapViewOfFile
GetLocaleInfoA
GetLastError
ResumeThread
GlobalFree
GetTempPathW
lstrcmpiW
LocalAlloc
GlobalReAlloc
GetCurrentThread
HeapReAlloc
InterlockedIncrement
SetStdHandle
CreateProcessA
WriteFile
lstrcmpiA
GetVersionExW
GetSystemInfo
HeapSize
lstrcpynA
GetCurrentDirectoryW
ReleaseMutex
IsBadReadPtr
SetHandleCount
GetStartupInfoW
CreateMutexA
SearchPathW
GetVersionExA
HeapFree
GetTempFileNameA
lstrlenA
GetLocaleInfoW
DeleteCriticalSection
GetFileSize
LockResource
SetEndOfFile
ReadFile
LCMapStringW
lstrcmpA
GlobalUnlock
CreateFileMappingW
InitializeCriticalSection
MapViewOfFile
LoadResource
VirtualFree
ExitProcess
GetSystemTime
HeapAlloc
GetCommandLineA
GetVersion
EnterCriticalSection
HeapDestroy
HeapCreate
FatalAppExitA
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetStdHandle
GetFileType
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
SetFilePointer
MultiByteToWideChar
LCMapStringA
GetStringTypeA

Exports

Exports

mgovnq

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c73547fbc5bdf5b79c87214b76dbf17a

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 48KB - Virtual size: 51KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 48KB - Virtual size: 51KB

.reloc
Size: 8KB - Virtual size: 5KB