98d3855dc55740906b27ee86ea73e752bb11826ba61feb6023ea73b5c7cc226f

Sharing

Copy URL Twitter E-mail

General

Target

98d3855dc55740906b27ee86ea73e752bb11826ba61feb6023ea73b5c7cc226f
Size

288KB
MD5

0505ab217c4446d000fbc1f8b74480d0
SHA1

a3265ca39ae44c35b3b9f0e5a991bea0bc0117ab
SHA256

98d3855dc55740906b27ee86ea73e752bb11826ba61feb6023ea73b5c7cc226f
SHA512

1fbc71c7048073f49f68898955aad45b234f80a845bf3fd15bbc522c2f57665382e9a94c032e1f4b2634802dff4832151c8c83a69ff46581dc4291ac318a5b20
SSDEEP

3072:l7OMjKkGEmvEQhCtHUwxkBs2E73om+YLig/tMjh58D5iBNYa31tR4yo6:l77jnGEYEQcVSU+Qt8nH3JHo6

Score

N/A

Malware Config

Signatures

Files

98d3855dc55740906b27ee86ea73e752bb11826ba61feb6023ea73b5c7cc226f
.dll windows x86

3a0445407d5a81ce7604194e2ac89a87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ConvertSecurityDescriptorToAccessA
GetLengthSid
LookupAccountSidW
LsaQueryInformationPolicy
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW

kernel32

CloseHandle
CreateFileW
FormatMessageW
FreeLibrary
GetCurrentProcess
GetModuleHandleW
LoadLibraryW
LocalAlloc
LocalFree
MultiByteToWideChar
Process32FirstW
QueryDosDeviceW
RemoveDirectoryA
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrcatW
lstrcmpiW
lstrcpyW
lstrlenW
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualProtect
GetProcAddress
GetModuleHandleA
GetSystemInfo
VirtualQuery
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
RtlUnwind
RaiseException
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
Sleep
ExitProcess
FatalAppExitA
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapSize
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetTimeZoneInformation
SetEndOfFile
ReadFile
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA

ole32

BindMoniker

user32

wsprintfW
CharPrevA
CloseWindow
LoadStringW
SetScrollRange

Exports

Exports

Xvtozjf

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a0445407d5a81ce7604194e2ac89a87

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 189KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 20KB - Virtual size: 29KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 192KB - Virtual size: 189KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 20KB - Virtual size: 29KB

.reloc
Size: 12KB - Virtual size: 8KB