387db3d1b82c9077120503db5bbd95eb4e8722805b410451d325712ea7de1524

Sharing

Copy URL

Twitter E-mail

General

Target

387db3d1b82c9077120503db5bbd95eb4e8722805b410451d325712ea7de1524
Size

284KB
MD5

822dfc2cb2f04a40daf371c289f7eaf0
SHA1

d3e09ce0d9893b7e60220bb24b72a20ddff2324d
SHA256

387db3d1b82c9077120503db5bbd95eb4e8722805b410451d325712ea7de1524
SHA512

95b0de971c2b5d21ed3258ce71aa5b083d39fe4a9aa0f159159dde9a6c54bd813787ea0952700baa3b275c12b994cc1748f73f9951a8c5d6eb4179ed7ae797bc
SSDEEP

6144:CPkegtQUar+vmt06eWA2MIIo96680ln90:CAiUY+Oa2jIK6o30

Score

N/A

Malware Config

Signatures

Files

387db3d1b82c9077120503db5bbd95eb4e8722805b410451d325712ea7de1524
.dll windows x86

b408f4884a7f9762392c23c10743cc38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
PrivilegeCheck
QueryUsersOnEncryptedFile
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
CryptExportKey
GetFileSecurityW
ImpersonateLoggedOnUser
LsaEnumerateAccounts
OpenProcessToken
RegEnumKeyExA
RegQueryInfoKeyA

kernel32

ClearCommError
CloseHandle
CreateEventA
CreateFileA
CreateThread
DebugBreak
DeleteFileA
EscapeCommFunction
FlushFileBuffers
GetCommState
GetCommTimeouts
GetCurrentThread
GetCurrentThreadId
GetLocalTime
GetOverlappedResult
GetTickCount
GetWindowsDirectoryA
HeapCreate
MultiByteToWideChar
OpenSemaphoreW
PostQueuedCompletionStatus
PurgeComm
ReadFile
ResetEvent
SetCommMask
SetCommState
SetCommTimeouts
SetConsoleCP
SetEvent
SetFilePointer
SetThreadPriority
Sleep
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WriteFile
_lclose
_lcreat
_lopen
_lwrite
lstrcatA
lstrcpyA
lstrlenA
CloseProfileUserMapping
CompareStringA
EnumCalendarInfoExA
EnumResourceNamesW
FindFirstFileExA
FindResourceA
GetComputerNameW
GetEnvironmentStrings
GetFullPathNameW
GetProcAddress
GetTapeStatus
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
LocalAlloc
LocalFree
OpenEventW
RegisterWaitForSingleObject
ReleaseMutex
RequestWakeupLatency
SetThreadLocale
WriteProfileStringW
lstrcmpiA
lstrcpynA
GetLastError
GetDiskFreeSpaceA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
IsBadReadPtr
GetCommandLineA
GetFullPathNameA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
FindFirstFileW
FindNextFileW
GetDriveTypeW
GetFileType
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetFileAttributesW
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapFree
HeapReAlloc
IsBadWritePtr
RtlUnwind
WideCharToMultiByte
GetTimeZoneInformation
RaiseException
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleA
GetCurrentDirectoryA
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetCurrentDirectoryA
FindNextFileA
CompareStringW
SetStdHandle
SetEndOfFile
GetExitCodeProcess
CreateProcessW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetEnvironmentVariableW
GetCurrentDirectoryW
IsBadCodePtr
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA

ole32

CreateBindCtx
StgGetIFillLockBytesOnFile
CoRegisterMessageFilter
OleConvertOLESTREAMToIStorage
HENHMETAFILE_UserMarshal
OleDraw

shell32

StrRStrIW
StrNCmpIA

Exports

Exports

Mpbtvg

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b408f4884a7f9762392c23c10743cc38

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

shell32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 44KB - Virtual size: 54KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 44KB - Virtual size: 54KB

.reloc
Size: 12KB - Virtual size: 11KB