dbf3e27ace83f5c5a6a71c2bc7fa25963431fe51690bc70593d55b7e9f4c47c9

Sharing

Copy URL Twitter E-mail

General

Target

dbf3e27ace83f5c5a6a71c2bc7fa25963431fe51690bc70593d55b7e9f4c47c9
Size

288KB
MD5

e63ce88a0d42e93b4e6bcaa8575f8120
SHA1

a13d14baa61c945107d9e518e0dc6e50db3be785
SHA256

dbf3e27ace83f5c5a6a71c2bc7fa25963431fe51690bc70593d55b7e9f4c47c9
SHA512

020897729705aed3234d402c5d2e6a7808266342901a51c8b44510b95aef12cfab10222999c994c377739628b17f53df3550348a663999d062426eb8878aa932
SSDEEP

3072:mvUZMjKkGEmvoQhCtHUwxkBs2E73om+YLig/tMjh58D2YBNYa31tS4yo6:EUujnGEYoQcVSU+Qt8YH3qHo6

Score

N/A

Malware Config

Signatures

Files

dbf3e27ace83f5c5a6a71c2bc7fa25963431fe51690bc70593d55b7e9f4c47c9
.dll windows x86

3a0445407d5a81ce7604194e2ac89a87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ConvertSecurityDescriptorToAccessA
GetLengthSid
LookupAccountSidW
LsaQueryInformationPolicy
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW

kernel32

CloseHandle
CreateFileW
FormatMessageW
FreeLibrary
GetCurrentProcess
GetModuleHandleW
LoadLibraryW
LocalAlloc
LocalFree
MultiByteToWideChar
Process32FirstW
QueryDosDeviceW
RemoveDirectoryA
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrcatW
lstrcmpiW
lstrcpyW
lstrlenW
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualProtect
GetProcAddress
GetModuleHandleA
GetSystemInfo
VirtualQuery
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
RtlUnwind
RaiseException
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
Sleep
ExitProcess
FatalAppExitA
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapSize
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetTimeZoneInformation
SetEndOfFile
ReadFile
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA

ole32

BindMoniker

user32

wsprintfW
CharPrevA
CloseWindow
LoadStringW
SetScrollRange

Exports

Exports

txppssrdum

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a0445407d5a81ce7604194e2ac89a87

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 189KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 20KB - Virtual size: 29KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 192KB - Virtual size: 189KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 20KB - Virtual size: 29KB

.reloc
Size: 12KB - Virtual size: 8KB