90675053ffcd81d2f7ca40035344be0f6d2f2e4201d3829085f2614ccf2ade43

Sharing

Copy URL Twitter E-mail

General

Target

90675053ffcd81d2f7ca40035344be0f6d2f2e4201d3829085f2614ccf2ade43
Size

208KB
MD5

41739d6c6031db7ecc14d99597aa3b90
SHA1

46d54e50f65a28d4e7766f82a96d52b692ff2448
SHA256

90675053ffcd81d2f7ca40035344be0f6d2f2e4201d3829085f2614ccf2ade43
SHA512

63ec475ff09c3b6504541a08bbc3d72cbf314f493de0b716c2ace7e39b3382809b8be03d77ce50494251af7b72ccbbeae8cea2c5bf6f47cf8dd428818d64686a
SSDEEP

3072:PZSZbEXf60bN9Na7G8T9lOcBYdRsGqBwZ/0KcoFPE9:PAVb8bNJ8T9lOcqdtqBa

Score

N/A

Malware Config

Signatures

Files

90675053ffcd81d2f7ca40035344be0f6d2f2e4201d3829085f2614ccf2ade43
.dll windows x86

d68099df983cfefc55a0884e27f520a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetFileSecurityW
GetLengthSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegCloseKey
RegCreateKeyExA
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RevertToSelf
SetThreadToken

gdi32

GetOutlineTextMetricsA
EudcLoadLinkW

kernel32

VirtualAlloc
CloseHandle
CompareStringW
CreateDirectoryW
CreateFileA
CreateFileW
CreateMutexW
DeleteFileA
DeleteFileW
DeviceIoControl
FileTimeToDosDateTime
FindClose
FindFirstFileW
FreeLibrary
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDriveTypeW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetProcAddress
GetTempFileNameW
GetTickCount
GlobalFree
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
LoadLibraryA
LocalAlloc
LocalFree
MoveFileW
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
ReadFile
ReleaseMutex
SetEndOfFile
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
Sleep
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatW
lstrcmpiW
lstrcpyW
lstrlenW
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
DeleteCriticalSection
ExitProcess
FatalAppExitA
RtlUnwind
SetStdHandle
GetLastError
GetFileType
TerminateProcess
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedIncrement
GetExitCodeProcess
CreateProcessW
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FlushFileBuffers
RaiseException
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
SetEnvironmentVariableA

ole32

CoRevertToSelf

user32

SetCaretPos
wvsprintfA
DefWindowProcW
DestroyWindow
MessageBoxA
MsgWaitForMultipleObjects
PostQuitMessage
SetThreadDesktop
UnregisterClassW
VkKeyScanExW
wsprintfA
wsprintfW

Exports

Exports

QTDFSUQVFQB

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d68099df983cfefc55a0884e27f520a7

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

user32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 48KB - Virtual size: 57KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 48KB - Virtual size: 57KB

.reloc
Size: 12KB - Virtual size: 8KB