774a08b40e44fcb8c971cf45db40342c2f922a94b3f8e6be6907f9cb81cfd5b8

Sharing

Copy URL Twitter E-mail

General

Target

774a08b40e44fcb8c971cf45db40342c2f922a94b3f8e6be6907f9cb81cfd5b8
Size

174KB
MD5

8124a96d0bf5642e1c455935334d7411
SHA1

14f638e667c4ac8abb4dcd33d57413853011ac1b
SHA256

774a08b40e44fcb8c971cf45db40342c2f922a94b3f8e6be6907f9cb81cfd5b8
SHA512

735cc3087fa8d52d5fd05f9b523ef45dd5014cbc37b62de5753ea49298405800e6c23a3a2f387bf20cb0acdedb088ac965ebe41e5b2e9dbfd033b917b7d3830f
SSDEEP

3072:WKUt36ZIR/b2lIHJwUpIoAKtnxFkeqqNiDPL9Okb5gVW8pW6kA:8V6ZIplgKt7keq6iP9PdMpWX

Score

N/A

Malware Config

Signatures

Files

774a08b40e44fcb8c971cf45db40342c2f922a94b3f8e6be6907f9cb81cfd5b8
.dll windows x86

035b05da83ea56fef604689e2c3187a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeregisterEventSource
InitializeSecurityDescriptor
LsaSetDomainInformationPolicy
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegisterEventSourceA
ReportEventW
SetSecurityDescriptorDacl
SetServiceStatus

setupapi

CM_Free_Resource_Conflict_Handle

user32

MessageBoxW

kernel32

_lread
WriteFile
WideCharToMultiByte
CancelWaitableTimer
CloseHandle
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
DeleteCriticalSection
DeleteFiber
DeleteTimerQueueTimer
DeviceIoControl
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FormatMessageW
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetFileAttributesW
GetFullPathNameW
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetVersionExA
GlobalHandle
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedExchange
IsDebuggerPresent
LeaveCriticalSection
LoadModule
LocalFree
MoveFileExW
OutputDebugStringW
Process32NextW
QueryPerformanceCounter
ReadFile
SetCommMask
SetCommTimeouts
SetEvent
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject

ws2_32

getservbyname
gethostbyname
htons
inet_ntoa
ntohl
ntohs
gethostbyaddr
WSASetLastError
htonl

shell32

SHAddToRecentDocs
SHGetFolderPathW

Exports

Exports

ADeviceStartPlay
DeleteTempFile
FMissingCert
OpenFileStreamWithFlagsW
PVDecodeObject
PszSkipWhiteA

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

035b05da83ea56fef604689e2c3187a2

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

setupapi

user32

kernel32

ws2_32

shell32

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 104KB - Virtual size: 103KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 6KB - Virtual size: 5KB