18c052bb953399f68107e73f32f55920e0d1fbeb6fc474566ba77c0c391d2f90

Sharing

Copy URL Twitter E-mail

General

Target

18c052bb953399f68107e73f32f55920e0d1fbeb6fc474566ba77c0c391d2f90
Size

544KB
MD5

0cbe94226cf2ad32c86e0da529d19310
SHA1

e608d972bd790e954c6e36bca5562989462678ba
SHA256

18c052bb953399f68107e73f32f55920e0d1fbeb6fc474566ba77c0c391d2f90
SHA512

30898ef4e7727d69fda8f2e745299d4850b89bbb075e3cc0905e44271713d3228f2268e4afb1526d875c8305819e02f733f89968079cf9341376799b27ac78c1
SSDEEP

12288:KOF2VzNYxb+uKckWipc9h32aDvfgma8NK6LOHM5Ao4:KOF2VBwqncapcfVgR6Keiq5

Score

N/A

Malware Config

Signatures

Files

18c052bb953399f68107e73f32f55920e0d1fbeb6fc474566ba77c0c391d2f90
.dll windows x86

c39a265624b09beafe7da4d517ce4c43

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW

oleaut32

VarUI4FromStr
SysFreeString
LoadTypeLi
UnRegisterTypeLi
SysStringLen
SysAllocString
RegisterTypeLi

kernel32

GlobalAlloc
GetVersionExA
RaiseException
GetCurrentProcessId
lstrcmpiW
InterlockedIncrement
DeleteCriticalSection
DeviceIoControl
GetLastError
GetModuleHandleW
CloseHandle
GetCurrentThreadId
VirtualAlloc
LocalAlloc
GetDateFormatA
TerminateProcess
ReadFile
InterlockedCompareExchange
CreateFileW
MultiByteToWideChar
UnhandledExceptionFilter
LeaveCriticalSection
SetEvent
GetModuleFileNameW
WideCharToMultiByte
LocalFree
EnterCriticalSection
lstrlenW
GetModuleHandleA
LoadResource
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedExchange
GetTickCount
InterlockedDecrement
FreeLibrary
WaitForSingleObject
GetSystemTimeAsFileTime
InitializeCriticalSection
Sleep

ole32

CoCreateInstance
CoTaskMemRealloc
CoInitialize
CoInitializeEx
CoUninitialize
CoTaskMemAlloc

advapi32

RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
RegEnumKeyExW

Exports

Exports

AsString
FromStringAndSize
List_Append
StrictErrors
_Size
set_PLTE
set_gamma
vInitA

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c39a265624b09beafe7da4d517ce4c43

Headers

File Characteristics

Imports

shell32

oleaut32

kernel32

ole32

advapi32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 169KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 152KB - Virtual size: 151KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 172KB - Virtual size: 169KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 152KB - Virtual size: 151KB

.reloc
Size: 8KB - Virtual size: 7KB