7c6d59ae1aa01841bceb0693a0f95fb4e0e54d3f6915b1f2d5a43d2eed5101d1

Sharing

Copy URL Twitter E-mail

General

Target

7c6d59ae1aa01841bceb0693a0f95fb4e0e54d3f6915b1f2d5a43d2eed5101d1
Size

529KB
MD5

5f2678a431a6751a6f7d38fff4cc0360
SHA1

fb32d25c2e660a99fc316d3604617e5a3c8b78b7
SHA256

7c6d59ae1aa01841bceb0693a0f95fb4e0e54d3f6915b1f2d5a43d2eed5101d1
SHA512

7c8946e02434ef72e1d40932052179c6b9fb2553631fc14a67c9c85b34e8a7f5002e449efdfeb9649daa9bc32cb8182d69e55000998cc286aa8470c5ee85d010
SSDEEP

12288:NCpyhIz/ab+z0qe0D+O+MS4QTL5jEBLc3YydF:NFhITM+qm2T9E8Yyd

Score

N/A

Malware Config

Signatures

Files

7c6d59ae1aa01841bceb0693a0f95fb4e0e54d3f6915b1f2d5a43d2eed5101d1
.dll windows x86

9f5157a35502b9ecb33ff71d3f58d92a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AccessCheckByTypeAndAuditAlarmA
ConvertStringSidToSidW
DecryptFileA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegSetValueExA
SetAclInformation
CryptSetProvParam
RegCreateKeyExA
AddUsersToEncryptedFile
CryptImportKey
GetMultipleTrusteeW
CryptGetHashParam
DecryptFileW
LsaOpenSecret
OpenProcessToken
ProcessTrace
RegDeleteKeyA
AddAce
BuildImpersonateTrusteeW
ElfNumberOfRecords
GetNamedSecurityInfoW
LsaEnumerateTrustedDomains
LsaOpenTrustedDomain
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
SetSecurityDescriptorGroup

kernel32

FreeLibrary
GetCurrentThreadId
GetModuleFileNameW
GetProcAddress
GetSystemWindowsDirectoryA
InitializeCriticalSectionAndSpinCount
LoadLibraryW
OutputDebugStringA
CloseHandle
CreateEventA
CreateFileW
CreateSemaphoreA
GetProfileIntA
GlobalFree
GlobalHandle
GlobalUnlock
HeapDestroy
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LocalAlloc
LocalFree
LocalHandle
MultiByteToWideChar
ReleaseSemaphore
ResetEvent
SetConsoleMode
SetEvent
SetThreadPriority
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrlenA
ExpandEnvironmentStringsA
GetDriveTypeA
GetFullPathNameA
GetModuleFileNameA
InterlockedCompareExchange
RaiseException
SearchPathA
Sleep
CreateIoCompletionPort
GetCurrentProcess
GetLocalTime
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrcatW
lstrcpyW
lstrlenW
CompareStringA
CompareStringW
CreateFileA
DeleteFileA
EnumDateFormatsExA
FlushFileBuffers
GetCurrencyFormatA
GetModuleHandleA
GetProcessVersion
GetTempFileNameA
GetVersion
GlobalAlloc
GlobalLock
GlobalReAlloc
IsBadReadPtr
OpenFile
ReadFile
SetFilePointer
lstrcpyA
CreateEventW
CreateThread
FindFirstVolumeW
GetBinaryTypeW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
ResumeThread
CreateProcessA
FormatMessageA
GetFileAttributesA
GetPrivateProfileSectionA
GetSystemDirectoryA
GetWindowsDirectoryA
LoadLibraryA
LoadLibraryExW
MoveFileA
SetFileAttributesA
WaitForSingleObjectEx
WriteFile
lstrcatA
lstrcpynA
CreateDirectoryW
CreateTimerQueueTimer
FindClose
FindFirstFileW
FindNextFileW
FormatMessageW
GetComputerNameW
GetProcessHeap
GetStringTypeW
HeapWalk
LoadResource
LockResource
SetSystemTime
SizeofResource
lstrcmpi
VirtualAlloc
DnsHostnameToComputerNameW
GetEnvironmentStrings
MapUserPhysicalPagesScatter
ReleaseMutex
SetThreadExecutionState
lstrcpynW
GetLocaleInfoW
GetLastError
HeapFree
HeapAlloc
GetExitCodeProcess
GetCurrentDirectoryA
SetCurrentDirectoryA
SetErrorMode
ExitThread
MoveFileW
GetModuleHandleW
ExitProcess
GetCPInfo
HeapSize
GetTimeFormatA
GetDateFormatA
FindFirstFileA
FindNextFileA
GetFileType
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
IsDBCSLeadByteEx
ReadConsoleA
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetEnvironmentVariableA
GetCommandLineA
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapCreate
VirtualFree
HeapReAlloc
LCMapStringW
SetConsoleCtrlHandler
LCMapStringA
GetStringTypeA
SetStdHandle
GetTimeZoneInformation
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEndOfFile
GetFileAttributesW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
RtlUnwind
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateProcessW
SetEnvironmentVariableW

ole32

OpenOrCreateStream
HMETAFILE_UserFree
HMETAFILEPICT_UserFree
CLIPFORMAT_UserSize
StgCreateDocfile
OleCreateEmbeddingHelper
HMENU_UserMarshal
HENHMETAFILE_UserSize
CLIPFORMAT_UserMarshal
HDC_UserFree
ReadClassStm
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
SNB_UserUnmarshal
CoTaskMemRealloc

oleaut32

VarCyAdd
VarDateFromR4
VarCyFromUI4
VarR4FromUI4
VarDecFromR4
VarCyFromUI2
OleLoadPictureFileEx
VarBstrCmp
VarR8FromDisp
VarI2FromUI4
VarDateFromR8
VarCyFromR8
OleLoadPicturePath

shell32

SHBrowseForFolderA

Exports

Exports

BHBIUIGLXU

Sections

.text
Size: 431KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f5157a35502b9ecb33ff71d3f58d92a

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

shell32

Exports

Exports

Sections

.text Size: 431KB - Virtual size: 431KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 22KB - Virtual size: 36KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 431KB - Virtual size: 431KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 22KB - Virtual size: 36KB

.reloc
Size: 15KB - Virtual size: 15KB