5738b7691fb75cfbac61a4a686f9992fa822290a78074320d234eb20e84ffb1e

Sharing

Copy URL Twitter E-mail

General

Target

5738b7691fb75cfbac61a4a686f9992fa822290a78074320d234eb20e84ffb1e
Size

456KB
MD5

0974d637d7818b6ae17044e28c5f73a6
SHA1

9d9d46dc33374df89fbb689e78f551d59f9159b9
SHA256

5738b7691fb75cfbac61a4a686f9992fa822290a78074320d234eb20e84ffb1e
SHA512

c18c69b2c57ce18728e61e817653b80f12ef59491a9fba6a578bbe6d5fa075ed91595adcf38a2fe68c7c269c5ad9ca259c7b863b31037084249bf892f8408fc5
SSDEEP

6144:CQ8YMKT3AYYNoq/NjELcHYz9ZqvFtic3foevmBIrL2YkAFe+fPOPqdsjwa7H7Io:CTYT3y+0GiYDqH93bvFOfAFaPnN

Score

N/A

Malware Config

Signatures

Files

5738b7691fb75cfbac61a4a686f9992fa822290a78074320d234eb20e84ffb1e
.dll windows x86

890a5c9420e3afb1517f47f1921a454d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetSystemDirectoryA
GetTickCount
GetVersionExA
GetWindowsDirectoryA
LoadLibraryA
QueryPerformanceCounter
SetLastError
GetProcessPriorityBoost
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
WaitForSingleObject
lstrlenA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFullPathNameA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
CloseHandle
CreateProcessA
CopyFileA
SetUnhandledExceptionFilter

shell32

SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA

advapi32

OpenSCManagerA
QueryServiceStatus
OpenServiceA
OpenProcessToken
LookupPrivilegeValueA
GetTokenInformation
GetSecurityDescriptorLength
EqualSid
CryptDecrypt
ControlService
AllocateAndInitializeSid
AdjustTokenPrivileges
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey

msvcrt

_onexit
_setmbcp
_initterm
_strupr
exit
sprintf
strncpy
strstr
_exit
_except_handler3
_controlfp
_cexit
_c_exit
_adjust_fdiv
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__getmainargs
__dllonexit
__CxxFrameHandler
_XcptFilter
_strnicmp

user32

TranslateMessage
SetForegroundWindow
SendMessageA
PostMessageA
LoadIconA
IsIconic
GetWindow
FrameRect
FindWindowA
ExitWindowsEx
EnumWindows
EnableWindow
DrawIcon
DispatchMessageA

Exports

Exports

Number_Xor
String_Decode
UnpackTuple
get_x_offset_microns
malloc_default
set_rgb_to_gray

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

890a5c9420e3afb1517f47f1921a454d

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

msvcrt

user32

Exports

Exports

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 221KB - Virtual size: 221KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 221KB - Virtual size: 221KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 3KB - Virtual size: 3KB