b492b51b4df3f25802abb3c3cc712abb2e7ed4d18c2a88795c22c6606cc77588

Sharing

Copy URL Twitter E-mail

General

Target

b492b51b4df3f25802abb3c3cc712abb2e7ed4d18c2a88795c22c6606cc77588
Size

72KB
MD5

78097679bbf6ab33ce9acfbfa3b8c2f0
SHA1

8f41797400e80d2852fbc43fc1224ca50372e5cb
SHA256

b492b51b4df3f25802abb3c3cc712abb2e7ed4d18c2a88795c22c6606cc77588
SHA512

6e2f09752aab33e64506b32ba577df1357c9cd59d973318a23131d9ec906611e4e724beb05af25cea2231704e129c7e1c938769d46f8131d70e888baa6ffc983
SSDEEP

1536:cnfHYv7OlsM6ONZzXZapOUpC9MUY0lZB5xpb:6fe7OlsMnNzsOUpC7Y03B5xpb

Score

N/A

Malware Config

Signatures

Files

b492b51b4df3f25802abb3c3cc712abb2e7ed4d18c2a88795c22c6606cc77588
.dll windows x86

ebfc75b167b71b9e5d695e4ee84fcff0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomW
FindNextFileW
CreateEventW
GetUserDefaultLCID
FormatMessageA
ReplaceFileW
GetEnvironmentVariableA
LocalHandle
SetEnvironmentVariableA
FindResourceA
HeapValidate
GetLocalTime
ChangeTimerQueueTimer
GetDiskFreeSpaceExW
VirtualUnlock
SetEndOfFile
SwitchToThread
GetUserDefaultLangID
SetHandleCount
CreateMutexW
GetCommandLineA
FindAtomA
RegisterWaitForSingleObject
LocalUnlock
ReadConsoleInputW
WaitForMultipleObjectsEx
FindFirstFileA
GetDateFormatA
OpenMutexW
CompareFileTime
MoveFileA
RegisterWaitForSingleObjectEx
HeapCreate
OpenSemaphoreW
FindAtomW
PurgeComm
InterlockedCompareExchange
LoadResource
GetDiskFreeSpaceA
MoveFileExA
LeaveCriticalSection
lstrcatW
CreateMutexA
HeapFree
GetComputerNameA
ReleaseMutex
CreateFileMappingA
InitializeCriticalSection
GetProcessHeap
MapViewOfFile
GetSystemTimeAsFileTime
CreateProcessA
GetLastError
GetProcAddress
lstrlenW
lstrlenA
lstrcpyW
WaitForSingleObject
LoadLibraryA
LockResource
GetModuleFileNameA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSaveKeyW
RegDeleteKeyW
IsTextUnicode
RegRestoreKeyA
IsTokenRestricted
QueryServiceConfigA
RegLoadKeyA
RegSetValueW
QueryServiceLockStatusW
RegUnLoadKeyA
UnlockServiceDatabase
RegOpenKeyW
RegSetValueExA

gdi32

MoveToEx
StretchDIBits
EnumFontFamiliesExW
GetRandomRgn
GetROP2
GetFontResourceInfoW
TextOutW
GetTextAlign
SetBrushOrgEx
CloseMetaFile
GetRegionData
AddFontResourceW
GetWinMetaFileBits
CreateMetaFileW
GetCharWidthW
AnimatePalette
CreateBitmap
ExtEscape
EndDoc
GetSystemPaletteUse
GetPixelFormat
ScaleWindowExtEx

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebfc75b167b71b9e5d695e4ee84fcff0

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1012B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1012B

.reloc
Size: 4KB - Virtual size: 1KB