9395316c2297f6234e3fcabbdc60983fc25ac8146ca1e2885fb3414c8369b700

Sharing

Copy URL

Twitter E-mail

General

Target

9395316c2297f6234e3fcabbdc60983fc25ac8146ca1e2885fb3414c8369b700
Size

144KB
MD5

f28e91fc91afd9b1606549aa33d38ec7
SHA1

e9f839e835ee14290532953abf12eb59253df195
SHA256

9395316c2297f6234e3fcabbdc60983fc25ac8146ca1e2885fb3414c8369b700
SHA512

4d9748c61c7f073f3c2d2d1a2502673385432e0ede5a206306d7d91cece3cd58b6db0e0fe33b401d5e4795eb24c7a30858eaf817a38238b670397efb5ec80f02
SSDEEP

3072:GGM8cmrYaCCTcoiF8Yat7PsPCrUyG8wrrlxOcB:GGM8J0ic9F8Yk7kJyE3ZB

Score

N/A

Malware Config

Signatures

Files

9395316c2297f6234e3fcabbdc60983fc25ac8146ca1e2885fb3414c8369b700
.dll windows x86

8d6299e903b308057808be855961c4cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
FindFirstFreeAce
GetManagedApplications
RegCloseKey
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyExA
RegEnumKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegSetValueExA
StartTraceW

gdi32

DrawEscape
SetTextAlign
UpdateColors
CombineRgn

kernel32

VirtualAlloc
GetCommandLineW
DisableThreadLibraryCalls
GetShortPathNameA
_lopen
DeleteCriticalSection
EnterCriticalSection
FindResourceA
FindResourceW
FreeLibrary
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetSystemDefaultLangID
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
IsBadWritePtr
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadResource
MultiByteToWideChar
SetLastError
SetThreadLocale
SizeofResource
WideCharToMultiByte
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
CompareStringW
CompareStringA
GetLocaleInfoW
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetStringTypeW
SetEnvironmentVariableA
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
HeapSize
LoadLibraryA
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
GetCPInfo
GetOEMCP
GetCurrentThreadId
GetCommandLineA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
FatalAppExitA
GetACP

ole32

OleCreateEmbeddingHelper
GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateObjectInContext
CoCreateInstance
StringFromCLSID

oleaut32

VarDecFromUI2
VarUI4FromDisp
VectorFromBstr

rpcrt4

RpcBindingInqAuthInfoExA
NdrDllUnregisterProxy
RpcBindingInqAuthClientExA
RpcIfIdVectorFree
UuidHash

user32

CallMsgFilter
CharNextW
DlgDirSelectComboBoxExA
GetWindowLongA
GetWindowPlacement
IsCharAlphaNumericA
LoadStringA
LoadStringW
PeekMessageW

Exports

Exports

OTGWNZJ

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d6299e903b308057808be855961c4cd

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

rpcrt4

user32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB