47df523b0881f5a1552b409bbe886daa70583153db63458f99a2ceb616bb0c36

Sharing

Copy URL

Twitter E-mail

General

Target

47df523b0881f5a1552b409bbe886daa70583153db63458f99a2ceb616bb0c36
Size

376KB
MD5

5eaf2d53589d5b6218f71a790b2a3350
SHA1

4350fe724cecb75facd6d6ddb955d225c0e3d3ae
SHA256

47df523b0881f5a1552b409bbe886daa70583153db63458f99a2ceb616bb0c36
SHA512

7f782be48a8b91479847c6a2d38c84ec2601019de0d765db1511ff3b9122df7aba1d01a2622918be781b80b0dbdece8d2e8ec1d2fd67264d8cec01e5eb7aeb28
SSDEEP

6144:OemqdIXr5XtDdGuZG5wPlj/fVFtPfokaNmHyVxsLIYUW6lrEKqrGRZFqOo:Oko1GgjVFNoka8ygsYU1lrEKqaFN

Score

N/A

Malware Config

Signatures

Files

47df523b0881f5a1552b409bbe886daa70583153db63458f99a2ceb616bb0c36
.dll windows x86

d3304b4ff48fd1ce3e0345018b21a6e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
RegisterTypeLi
SysAllocString
VarUI4FromStr
SysStringLen
UnRegisterTypeLi
LoadTypeLi

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
CryptGetKeyParam
RegEnumKeyExW
RegQueryInfoKeyW

shell32

ShellExecuteW

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
CoInitializeEx
CoCreateInstance

kernel32

InitializeCriticalSection
InterlockedExchange
GetModuleHandleA
CreateMutexW
lstrlenW
MultiByteToWideChar
SetEvent
RaiseException
GlobalAlloc
SetUnhandledExceptionFilter
CloseHandle
EnterCriticalSection
DeleteCriticalSection
ReadFile
LoadResource
Sleep
lstrcmpiW
GetVersionExA
CreateFileW
GetDateFormatA
WaitForSingleObject
UnhandledExceptionFilter
LocalAlloc
VirtualAlloc
TerminateProcess
GetTickCount
GetLastError
InterlockedCompareExchange
DeviceIoControl
QueryPerformanceCounter
GetModuleHandleW
WideCharToMultiByte
LeaveCriticalSection
LocalFree
GetModuleFileNameW
InterlockedDecrement
GetCurrentThreadId
GetSystemTimeAsFileTime
FreeLibrary
GlobalFree
InterlockedIncrement
GetCurrentProcessId

Exports

Exports

Import
get_PLTE
get_cHRM
set_gray_to_rgb
set_rgb_to_gray
write_init

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3304b4ff48fd1ce3e0345018b21a6e2

Headers

File Characteristics

Imports

oleaut32

advapi32

shell32

ole32

kernel32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 170KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 68KB - Virtual size: 64KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 172KB - Virtual size: 170KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 68KB - Virtual size: 64KB

.reloc
Size: 8KB - Virtual size: 6KB