9020cefbd7c9919c4fb81c162982b7643e262afc563c15b469c54b5562a75532

General

Target

9020cefbd7c9919c4fb81c162982b7643e262afc563c15b469c54b5562a75532
Size

48KB
MD5

70d17ddaf3db81ffaf559a6dca0a50d7
SHA1

ce1a7fb4aa934a089a1416a072461b0f3be940fd
SHA256

9020cefbd7c9919c4fb81c162982b7643e262afc563c15b469c54b5562a75532
SHA512

3972fe18b6cfdea03890796bec0884cb0c4013f0b1788f0ccf1c3e17d8dfe21328510fc18e5421c09e98e16b79e032d733d9b9dac9e2972a12c56d9df7a298b1
SSDEEP

1536:RogIPbTLWyhQlL/gPQuUez5gATmW+lvpb7AoMiym+:RogIXLW3/nZedCW+RpnAoP

Score

N/A

Malware Config

Signatures

Files

9020cefbd7c9919c4fb81c162982b7643e262afc563c15b469c54b5562a75532
.dll windows x86

49b12e7edac287efebe2e315396b3e05

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteEmptyKeyA
ord195
AssocCreate
SHDeleteKeyA
PathRemoveBackslashA

ole32

CoCreateInstance
CoInitialize

kernel32

GetVersionExW
GetVersionExA
WideCharToMultiByte
GetCommandLineW
GetModuleHandleA
GetEnvironmentVariableW
SetErrorMode
Sleep
ResetEvent
CreateEventA
GetWindowsDirectoryA
FormatMessageA
GlobalFree
WaitForMultipleObjects
CreateEventW
GetCurrentProcess
GetVolumeInformationA
GetDriveTypeA
VirtualAlloc
VirtualFree
CreateFileA
ReadFile
WriteFile
GetCurrentProcessId
GetModuleFileNameA
GetSystemTime
SystemTimeToFileTime
LocalAlloc
GetFileSize
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
TryEnterCriticalSection
SwitchToThread
ResumeThread
CreateThread
TerminateThread
IsDBCSLeadByteEx
GetStringTypeW
HeapReAlloc
GetStringTypeA
GetCPInfo

user32

MessageBeep
GetWindowLongA
SendMessageA
GetDlgItem
MessageBoxW

winhttp

WinHttpCloseHandle
WinHttpConnect

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey

shell32

SHGetFolderPathW

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 278B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49b12e7edac287efebe2e315396b3e05

Headers

File Characteristics

Imports

shlwapi

ole32

kernel32

user32

winhttp

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 12KB

.reloc Size: 512B - Virtual size: 278B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 12KB

.reloc
Size: 512B - Virtual size: 278B