86e44e81c483db05d2fbd6d17ba82049b2d3aaf21b137e11d54ab4234cf8285c

General

Target

86e44e81c483db05d2fbd6d17ba82049b2d3aaf21b137e11d54ab4234cf8285c
Size

171KB
MD5

908b5e881b7814ff9cd92ed770508ad4
SHA1

4452f67a77b0492991c1ef07c05ea6a010e70485
SHA256

86e44e81c483db05d2fbd6d17ba82049b2d3aaf21b137e11d54ab4234cf8285c
SHA512

55c8d4d4857c4df17a26c6f9a98c81a70ba2822aa20fa8510aa0c1d885d301fbafecef2dbca945afb8eba17a7f340b8666b89fb3ec8219e461c7f70cfa648041
SSDEEP

3072:OQV9qkfbCd3wQfF+DU5lJcTGubd9Irjwv+d0EyF0pEnaUDsIl6R5ld44j0XYD:OufbCBwQI8D6FKrjb2u3KTqDBC

Score

N/A

Malware Config

Signatures

Files

86e44e81c483db05d2fbd6d17ba82049b2d3aaf21b137e11d54ab4234cf8285c
.dll windows x86

18c9b7c1a7559c62f551b8aa09a63f1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
SendMessageW
IsWindow

gdi32

EndPage
GdiGetSpoolFileHandle
GdiPlayEMF
GdiPlayScript
RectInRegion

kernel32

ExitProcess
FindClose
FindFirstFileW
FindNextFileW
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFullPathNameW
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InterlockedCompareExchange
InterlockedExchange
OutputDebugStringW
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
lstrlenW

shell32

DragFinish
SHCreateDirectoryExW
SHUpdateRecycleBinIcon
ShellHookProc
CommandLineToArgvW

msvcrt

__set_app_type
__setusermatherr
_amsg_exit
_cexit
_controlfp
__p__fmode
_initterm
_ismbblead
_wcsdup
_wcslwr
exit
free
memset
printf
wcsstr
wprintf
__p__commode
__getmainargs
_XcptFilter
_exit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Exports

Exports

AAuxDecode
FIsSpaceA
HrGetCertificateParam
HrGetMsgParam
PszScanToCharA

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18c9b7c1a7559c62f551b8aa09a63f1f

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

shell32

msvcrt

advapi32

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 99KB - Virtual size: 98KB

.data Size: 17KB - Virtual size: 18KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 99KB - Virtual size: 98KB

.data
Size: 17KB - Virtual size: 18KB

.rsrc
Size: 1KB - Virtual size: 1KB