6de763a25e1aef8bac11c93eee489568a85700303e4cde4196b6ac09c5a34752

Sharing

Copy URL Twitter E-mail

General

Target

6de763a25e1aef8bac11c93eee489568a85700303e4cde4196b6ac09c5a34752
Size

138KB
MD5

3237271bd507264f2932866b0e1073c0
SHA1

f19132d126d978006d2286ab09f0778111ffd498
SHA256

6de763a25e1aef8bac11c93eee489568a85700303e4cde4196b6ac09c5a34752
SHA512

d0d57aa8ee78cca43138a4d7d03a0c84668a1eefaa23224af7a6ee3b57e62ddea1e3d6c8718eff13aa77c8756187453d68bc7e33f1d7868cf1c4866bee4cc19c
SSDEEP

3072:+gt1pxaMzPGuzKXaZtmCuAL5mW6jcEx0icptXzWXSN8Ha/D9Q1zwKp6GuM5m:+gtVDMKZtd7x6jcQduXCiNhy1zvp6a

Score

N/A

Malware Config

Signatures

Files

6de763a25e1aef8bac11c93eee489568a85700303e4cde4196b6ac09c5a34752
.dll windows x86

ee4f90c889395b43f44de80b028e2717

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
OpenProcessToken

kernel32

CloseHandle
CreateThread
DeleteFileA
ExitProcess
ExitThread
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetFileSize
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetTickCount
GetWindowsDirectoryW
LoadLibraryA
LocalAlloc
LocalFree
LocalLock
LocalUnlock
SetCurrentDirectoryW
SetPriorityClass
VirtualAlloc
VirtualFree
VirtualProtect
lstrcmpiW
lstrcpyW
lstrlenW

shell32

DoEnvironmentSubstW
RealShellExecuteW
RegenerateUserEnvironment
CheckEscapesW

msvcrt

exit
_initterm
_exit
_controlfp
_cexit
_c_exit
_adjust_fdiv
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__initenv
__getmainargs
_XcptFilter
_except_handler3

user32

wsprintfW
UpdateWindow
TranslateMessage
TileChildWindows
SwitchToThisWindow
ShowWindow
ShowCursor
SetWindowPos
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetCursor
SendMessageW
SendDlgItemMessageW
RegisterHotKey
ArrangeIconicWindows
CascadeChildWindows
CharNextW
CreateDialogParamW
DestroyWindow
DispatchMessageW
EnableWindow
EndTask
GetCursorPos
GetDesktopWindow
GetDlgItem
GetDlgItemTextW
GetKeyState
GetLastActivePopup
GetMessageW
GetSystemMetrics
GetWindow
GetWindowLongW
GetWindowRect
GetWindowThreadProcessId
InternalGetWindowText
IsDialogMessageW
IsWindow
IsWindowVisible
LoadCursorW
LoadStringW
MessageBeep
MessageBoxW
PostMessageW
PostQuitMessage

Exports

Exports

SteamMatchmaking
SteamUser
Wiz_SingleEntryUnzip

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee4f90c889395b43f44de80b028e2717

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

shell32

msvcrt

user32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 81KB - Virtual size: 84KB

.data Size: 19KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 81KB - Virtual size: 84KB

.data
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 8KB