f1f836b5920a454e1d3a2e2b60675484581b1d43fe7cfa78001a6f432e821468

Sharing

Copy URL

Twitter E-mail

General

Target

f1f836b5920a454e1d3a2e2b60675484581b1d43fe7cfa78001a6f432e821468
Size

456KB
MD5

2b12daa36fb55d7e94e3fe717e0c3760
SHA1

f08f4cfbc9c02718f24faf9080c3a296f86acd3f
SHA256

f1f836b5920a454e1d3a2e2b60675484581b1d43fe7cfa78001a6f432e821468
SHA512

4d4564ce1c72cc62cc276a8953ab22476ddf924fdfe386e15990bfa4f492dad8f8b73c8344077dbf40e7d686448a8bd03cad22b04afaae18f7606e707fbde57d
SSDEEP

6144:SiZRB0cDJZryLsARsPB2IFZFQtbXqhxbYSml2ottunJymfqivKPDxqp:VqcD7tZ2bXqhgl2ottuJymf1yqp

Score

N/A

Malware Config

Signatures

Files

f1f836b5920a454e1d3a2e2b60675484581b1d43fe7cfa78001a6f432e821468
.dll windows x86

19f61e9ded1f9003401f31f67ab51e17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetCurrentThreadId
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
OpenFileMappingA
ReleaseMutex
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
EnumLanguageGroupLocalesA
FreeLibrary
GetCPInfoExW
GetCommState
GetCurrentDirectoryA
GetSystemDirectoryA
GetSystemDirectoryW
GetThreadLocale
GlobalAlloc
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
InterlockedIncrement
MultiByteToWideChar
ReadConsoleOutputW
SizeofResource
VirtualAlloc
VirtualFree
lstrcatW
lstrlenA
lstrlenW
CloseHandle
FindResourceW
GetCurrentProcessId
GetModuleHandleW
GetPrivateProfileStructW
GetProcAddress
GetVersionExW
InterlockedCompareExchange
InterlockedExchange
LoadLibraryExW
LoadResource
MapViewOfFile
OpenFileMappingW
RaiseException
SetFileAttributesW
Sleep
WritePrivateProfileSectionW
WriteProfileSectionW
lstrcmpiW
InterlockedDecrement
IsBadCodePtr
lstrcpynA
CommConfigDialogA
CreateFileW
CreateHardLinkW
DeviceIoControl
EnumCalendarInfoExW
LocalAlloc
LocalFree
OpenJobObjectA
OpenSemaphoreA
WaitForMultipleObjects
WideCharToMultiByte
EnumTimeFormatsW
GetCommProperties
GetTempFileNameA
HeapCreate
HeapDestroy
LoadLibraryW
SetErrorMode
SetFilePointerEx
WritePrivateProfileStructW
GetQueuedCompletionStatus
GetTickCount
IsBadHugeWritePtr
QueryPerformanceFrequency
CallNamedPipeW
CompareStringW
ConvertDefaultLocale
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FindVolumeClose
FormatMessageW
GetDefaultCommConfigW
IsDBCSLeadByteEx
Module32NextW
WriteProfileSectionA
lstrcmpA
GetConsoleAliasExesLengthA
GetSystemTimeAsFileTime
GetThreadPriorityBoost
GetWindowsDirectoryA
GlobalMemoryStatus
MulDiv
QueryPerformanceCounter
SetDefaultCommConfigA
SetWaitableTimer
BuildCommDCBW
CreateConsoleScreenBuffer
EnumSystemCodePagesA
EnumSystemLocalesA
GetShortPathNameW
GetStartupInfoA
GetTapeParameters
GlobalAddAtomA
IsDebuggerPresent
LocalReAlloc
Process32First
ReadFileScatter
SetCommConfig
SetCurrentDirectoryW
EnumSystemLanguageGroupsA
SetSystemTimeAdjustment
TransactNamedPipe
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetLastError
CreateDirectoryA
ReadFile
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
GetModuleHandleA
SetFileAttributesA
GetFileAttributesA
CreateProcessA
DuplicateHandle
EnterCriticalSection
LeaveCriticalSection
MoveFileW
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
IsBadReadPtr
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
LoadLibraryA
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
SetFilePointer
GetCommandLineA
GetVersionExA
DeleteFileA
CompareStringA
ReadConsoleA
GetConsoleCP
ReadConsoleW
SetConsoleMode
GetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
HeapSize
GetDriveTypeA
CreateProcessW
GetDriveTypeW
FindFirstFileW
GetLocalTime
InitializeCriticalSection
SetStdHandle
FatalAppExitA
IsBadWritePtr
WriteFile
FlushFileBuffers
CreatePipe
GetExitCodeProcess
WaitForSingleObject
VirtualProtect
GetSystemInfo
VirtualQuery
GetLocaleInfoA
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetFullPathNameW
GetFileAttributesW
SetEndOfFile
GetTimeZoneInformation
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwind
CreateFileA
GetFullPathNameA
SetCurrentDirectoryA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
IsValidLocale
IsValidCodePage
GetCurrentDirectoryW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetLocaleInfoW

ole32

CoInitialize
CLIPFORMAT_UserUnmarshal
RevokeDragDrop
OleGetIconOfFile
OleCreateLinkEx
OleInitialize
CoSwitchCallContext
StringFromGUID2
StringFromCLSID
StgSetTimes
ReleaseStgMedium
OleConvertIStorageToOLESTREAMEx
CreateDataCache
CoMarshalInterface
CoCreateInstance
GetHGlobalFromILockBytes
HBITMAP_UserUnmarshal
CoRegisterMessageFilter
OleGetAutoConvert
CoTaskMemAlloc
CoGetCurrentLogicalThreadId
CoTaskMemRealloc
CoTaskMemFree
CoEnableCallCancellation

oleaut32

VarDateFromDec
VarUI2FromR8
VarI2FromUI2
VarI2FromCy
VarFormat
VarBstrFromI1
VarR4FromI4
VarI4FromUI2
VarDiv
VarDecFromR4
VarDecFromBool
VarDecFix
VarDecCmp
SysAllocStringByteLen
LPSAFEARRAY_Marshal
VarBoolFromDec
VarI1FromDate
VarDateFromUdate
VarI4FromR8
VarR4FromR8
VarR4FromBool
VarCyFromDate
SafeArrayPutElement

rpcrt4

RpcBindingFromStringBindingW
RpcBindingSetAuthInfoW
RpcMgmtInqServerPrincNameW
RpcStringBindingComposeW
RpcStringFreeW
I_RpcGetBufferWithObject
I_RpcTransConnectionReallocPacket
IUnknown_AddRef_Proxy
NdrCStdStubBuffer2_Release
NdrDllCanUnloadNow
NdrNonConformantStringBufferSize
RpcMgmtInqDefaultProtectLevel
NdrProxyInitialize
RpcServerRegisterIf
NdrRpcSsDefaultFree
I_RpcDeleteMutex
RpcBindingFree
RpcMgmtInqComTimeout
NdrConformantStructMemorySize
UuidToStringA
RpcSsSwapClientAllocFree
NdrClientCall2
I_RpcServerInqTransportType
RpcMgmtInqServerPrincNameA
NdrNonEncapsulatedUnionFree

shell32

ShellHookProc
SheGetDirA
SHExtractIconsW
SHAppBarMessage
SHFreeNameMappings
ShellExecuteExW
SHCreateDirectoryExW
SHGetFolderPathW

Exports

Exports

BGMBJB

Sections

.text
Size: 360KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19f61e9ded1f9003401f31f67ab51e17

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

rpcrt4

shell32

Exports

Exports

Sections

.text Size: 360KB - Virtual size: 356KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 20KB - Virtual size: 32KB

.reloc Size: 16KB - Virtual size: 14KB

.text
Size: 360KB - Virtual size: 356KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 20KB - Virtual size: 32KB

.reloc
Size: 16KB - Virtual size: 14KB