938753d7660fa0190124ff6e9bbfb7d832d417945dc6dff3843a694993ca0cf8

Sharing

Copy URL Twitter E-mail

General

Target

938753d7660fa0190124ff6e9bbfb7d832d417945dc6dff3843a694993ca0cf8
Size

592KB
MD5

2651879482afcee47474d051e7944040
SHA1

ae09f71239ba47247ec28dd40a1f8c4a931d6f47
SHA256

938753d7660fa0190124ff6e9bbfb7d832d417945dc6dff3843a694993ca0cf8
SHA512

22159b2618c0785bf36c67262a0f9cb352f211e178742479f764f6f4ff8723147f03f8b5f67b23fa5100c7d7f7d887010b8cc326dc6239f93479696d9a8926f1
SSDEEP

12288:FtuIJVP4IGbBW7ULdLdEdEnnDVJR/Qfgr/:LuWWn9dLdEdEDHRIfg7

Score

N/A

Malware Config

Signatures

Files

938753d7660fa0190124ff6e9bbfb7d832d417945dc6dff3843a694993ca0cf8
.dll windows x86

f1a82a39761c967d02ef3ad4db90a3cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
CryptGetKeyParam
RegSetValueExW
RegQueryValueExW
RegCloseKey

oleaut32

RegisterTypeLi
SysStringLen
UnRegisterTypeLi
VarUI4FromStr
LoadTypeLi
SysAllocString
SysFreeString

ole32

CoTaskMemAlloc
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemRealloc

shell32

ShellExecuteW

kernel32

SetEvent
CloseHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeLibrary
lstrlenW
InterlockedIncrement
QueryPerformanceCounter
LocalAlloc
TerminateProcess
GetLastError
GetCurrentProcessId
LocalFree
InitializeCriticalSection
GetModuleHandleW
LoadResource
GetVersionExA
DeleteCriticalSection
CreateFileW
GlobalFree
InterlockedDecrement
InterlockedExchange
GetSystemTimeAsFileTime
ReadFile
WideCharToMultiByte
DeviceIoControl
InterlockedCompareExchange
GetDateFormatA
EnterCriticalSection
WaitForSingleObject
GetModuleHandleA
MultiByteToWideChar
Sleep
GetTickCount
LeaveCriticalSection
GetCurrentThreadId
VirtualAlloc
lstrcmpiW
GlobalAlloc
GetModuleFileNameW
CreateMutexW
RaiseException

Exports

Exports

AppendInittab
ErrWithFilename
GetMin
ImagAsDouble
Import
List_SetItem
get_user_transform_ptr
init_io
set_sCAL

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1a82a39761c967d02ef3ad4db90a3cc

Headers

File Characteristics

Imports

advapi32

oleaut32

ole32

shell32

kernel32

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 182KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 164KB - Virtual size: 161KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 184KB - Virtual size: 182KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 164KB - Virtual size: 161KB

.reloc
Size: 12KB - Virtual size: 11KB