f4110e590f8d60ecd70b54d1ce4a59fc521e2ee142996aed55ff50b3c5d4b493

Sharing

Copy URL

Twitter E-mail

General

Target

f4110e590f8d60ecd70b54d1ce4a59fc521e2ee142996aed55ff50b3c5d4b493
Size

449KB
MD5

7e9e56fc433fb881981843cb1c289480
SHA1

7f1a0e01c07ba3da7fca3f2cff93c4a30fa2e65b
SHA256

f4110e590f8d60ecd70b54d1ce4a59fc521e2ee142996aed55ff50b3c5d4b493
SHA512

8f8f06811bc1dc913c5b117424a8bed5aecc9e7c44a98054e685c2cc45eb61c31b8d6c52b37e58c96bb9a3301d70b9137d14cdd64d3f50f34308d5ec8385dc2d
SSDEEP

6144:g5FqY6mmu6VXZeQyFaOetafTqjXfbZLbLJSADydNDpdBPF:g5FqY6mL6VpeQyF2zf9LbLHDyzL5

Score

N/A

Malware Config

Signatures

Files

f4110e590f8d60ecd70b54d1ce4a59fc521e2ee142996aed55ff50b3c5d4b493
.dll windows x86

1d99c48cf7d6b1674092b82b2aa2ead8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisableThreadLibraryCalls
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetProfileStringW
GetSystemTimeAsFileTime
GetTickCount
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
LocalAlloc
LocalFree
OutputDebugStringA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
lstrcpyA
lstrlenA
CloseHandle
CreateEventA
CreateEventW
CreateThread
FindFirstChangeNotificationW
FreeLibrary
GetProcAddress
InterlockedDecrement
IsSystemResumeAutomatic
LoadLibraryW
OpenProcess
SetEvent
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteProfileStringA
lstrcatA
lstrcpyW
lstrcpynW
lstrlenW
DisconnectNamedPipe
FlushInstructionCache
GetModuleFileNameW
GetModuleHandleW
GetProcessHeap
GetTapeParameters
HeapDestroy
LoadLibraryA
SetComputerNameA
VirtualAlloc
VirtualFree
lstrcmpiW
FormatMessageW
GetCurrencyFormatW
GetCurrentThread
GetShortPathNameA
GetVersionExW
InterlockedIncrement
IsBadHugeReadPtr
ResetWriteWatch
lstrcmpW
CreateMutexA
DeviceIoControl
EnumResourceTypesW
FindResourceExW
FreeLibraryAndExitThread
GetCommState
LockFile
MapUserPhysicalPages
ReleaseMutex
ResetEvent
SetCommState
SetupComm
lstrcpynA
ConnectNamedPipe
ConvertThreadToFiber
FindResourceA
GetProcessAffinityMask
InterlockedCompareExchange
InterlockedExchange
VirtualProtectEx
GetCPInfo
GetLastError
HeapFree
HeapAlloc
CompareStringA
MultiByteToWideChar
CompareStringW
GetDriveTypeA
GetFullPathNameA
GetFileType
CreateFileW
ExitProcess
GetConsoleCP
ReadConsoleInputA
ReadConsoleInputW
SetConsoleMode
GetConsoleMode
CreateFileA
DeleteFileA
SetFilePointer
GetACP
GetOEMCP
IsValidCodePage
GetCommandLineA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetModuleHandleA
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
HeapCreate
FatalAppExitA
HeapReAlloc
WriteFile
GetModuleFileNameA
GetFileAttributesA
GetLocaleInfoA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetStdHandle
SetEndOfFile
ReadFile
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
HeapSize
PeekConsoleInputA
GetNumberOfConsoleInputEvents
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
RaiseException
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileAttributesW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FlushFileBuffers
GetTimeZoneInformation
GetExitCodeProcess
CreateProcessA
CreateProcessW
SetEnvironmentVariableA
SetEnvironmentVariableW

oleaut32

OleLoadPictureEx
SafeArrayPutElement
VarCyFromStr
VarFormat
VarUI1FromUI4
DosDateTimeToVariantTime
SafeArrayRedim
VarParseNumFromStr
VarR4FromR8
VarDateFromBool
VarDecMul
VarI1FromStr
VarUI2FromUI1
VarUI4FromUI2
CreateTypeLib2
VarCyInt
VarI1FromR4

rpcrt4

RpcMgmtEpEltInqNextW
I_RpcBindingIsClientLocal
NdrConformantArrayMemorySize
NdrPointerMemorySize
RpcCertGeneratePrincipalNameW
NdrAllocate
NdrServerUnmarshall
I_RpcBindingInqTransportType
NdrConformantVaryingArrayBufferSize
NdrSimpleStructFree
RpcBindingServerFromClient
RpcSsDisableAllocate
NdrAsyncClientCall
NdrMesTypeAlignSize
RpcServerInqBindings
RpcObjectSetType

shell32

SHAddToRecentDocs
SHBindToParent
SHGetPathFromIDList
SHCreateProcessAsUserW
ExtractAssociatedIconExW

user32

CharUpperBuffA
LoadStringA
ScrollDC
wsprintfA
CharNextW
CharPrevW
GetMenuItemID
PeekMessageA
wsprintfW
DestroyAcceleratorTable
DialogBoxParamW
DlgDirListComboBoxA
EndDialog
GetCaretBlinkTime
GetDC
GetFocus
GetGUIThreadInfo
GetLastInputInfo
GetMenu
InvalidateRect
IsChild
ReleaseDC
SetFocus
ShowWindow
DdeQueryStringW
EnumDisplaySettingsA
GetClassLongA
GetClipboardFormatNameW
GetKeyNameTextA
LoadStringW
LookupIconIdFromDirectoryEx
MonitorFromPoint
SetThreadDesktop
AppendMenuA
DispatchMessageA
EnumChildWindows
GetClientRect
GetInputState
GetMessageA
OemToCharBuffA
PostThreadMessageA
RemoveMenu
TranslateMessage
GetKeyboardState
GetSystemMetrics
SetPropW

Exports

Exports

nuqshhpiaam

Sections

.text
Size: 343KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d99c48cf7d6b1674092b82b2aa2ead8

Headers

File Characteristics

Imports

kernel32

oleaut32

rpcrt4

shell32

user32

Exports

Exports

Sections

.text Size: 343KB - Virtual size: 343KB

.rdata Size: 47KB - Virtual size: 47KB

.data Size: 42KB - Virtual size: 55KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 343KB - Virtual size: 343KB

.rdata
Size: 47KB - Virtual size: 47KB

.data
Size: 42KB - Virtual size: 55KB

.reloc
Size: 14KB - Virtual size: 14KB