f362b8543854ef8b3fb7f56ad454417c2fb0adb738acc39c332bee7bed363a85

Sharing

Copy URL Twitter E-mail

General

Target

f362b8543854ef8b3fb7f56ad454417c2fb0adb738acc39c332bee7bed363a85
Size

173KB
MD5

0bbdf73fa92f9b6535fe7287b6a3f938
SHA1

9c6ec48c400fb28623058557e1ec74ee4e601afc
SHA256

f362b8543854ef8b3fb7f56ad454417c2fb0adb738acc39c332bee7bed363a85
SHA512

b98d40b487e57fca8746d199015f68f8a7ada62ee11dbf33237a55db97a3d2988f3efa496925b472ceb8511053dec678455c1a4b032231a41f7d1143c338f315
SSDEEP

3072:nPxNv3HAqh1m035pGtOZIZbE4Xe2BhhqPuXaqJusZRE664G9nWdruFR0RcUHEOwH:5h3Aqh11350gubEKRPq+JIeO6dy8Kr0H

Score

N/A

Malware Config

Signatures

Files

f362b8543854ef8b3fb7f56ad454417c2fb0adb738acc39c332bee7bed363a85
.dll windows x86

67b52652514f1907c58f4be7017de2a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW
DragAcceptFiles

advapi32

GetUserNameW
SetSecurityDescriptorDacl
RegSetValueExW
AddAccessAllowedAce
AddAccessDeniedAce
AdjustTokenPrivileges
AllocateAndInitializeSid
AreAnyAccessesGranted
CheckTokenMembership
CryptSetProvParam
FreeSid
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
LsaRetrievePrivateData
OpenProcessToken
OpenThreadToken
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExA
RegQueryValueExA

msvcrt

wctomb
wcsrchr
wcsncpy
wcsncmp
towupper
towlower
swscanf
strtoul
strstr
strncmp
strncat
strcspn
strchr
sscanf
realloc
qsort
printf
memmove
memcpy
malloc
ldexp
iswupper
iswspace
iswprint
iswdigit
iswalpha
iswalnum
isspace
isprint
isleadbyte
ftell
fseek
fprintf
fgets
feof
ceil
atol
atoi
_wtol
_wstrtime
_wsetlocale
_write
_wrename
_wgetenv
_wctime
_wcsupr
_wcsnicmp
_wcslwr
_vsnwprintf
_strnicmp
_stricmp
_spawnlp
_spawnl
_snwprintf
_snprintf
_setsystime
_purecall
_popen
_onexit
_memicmp
_lseeki64
_lrotl
_itow
_ismbcsymbol
_ismbcspace
_isatty
_iob
_initterm
_heapused
_getche
_fileno
_execl
_errno
_atoi64
_amsg_exit
__pioinfo
__doserrno
__dllonexit
__badioinfo
__CxxFrameHandler
_XcptFilter
_wtmpnam

version

VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

kernel32

ExitProcess
EnterCriticalSection
WriteProcessMemory
WriteFile
WaitNamedPipeW
WaitForSingleObjectEx
WaitForMultipleObjects
WaitCommEvent
VirtualQueryEx
VirtualProtectEx
VirtualProtect
VirtualFree
VirtualAllocEx
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TerminateThread
SwitchToFiber
SuspendThread
SleepEx
SizeofResource
SetUnhandledExceptionFilter
SetThreadContext
SetFilePointer
SetEvent
SetErrorMode
SetEnvironmentVariableA
SetCommTimeouts
SetCommState
SetCommMask
RtlUnwind
ResetEvent
ReleaseSemaphore
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
PeekNamedPipe
OutputDebugStringA
OpenProcess
OpenFileMappingW
OpenEventW
MapViewOfFile
LockResource
LocalFree
LoadResource
LoadLibraryA
LeaveCriticalSection
IsBadWritePtr
IsBadCodePtr
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
InterlockedCompareExchange
HeapFree
HeapDestroy
HeapAlloc
GetThreadTimes
GetThreadSelectorEntry
GetThreadPriority
GetThreadContext
GetTempPathA
GetTempFileNameW
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryA
GetProcessTimes
GetProcAddress
GetOverlappedResult
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
GetLastError
GetFileSizeEx
GetExitCodeProcess
GetEnvironmentVariableA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
GetCommTimeouts
GetCommState
GetCommModemStatus
FreeLibrary
FindFirstFileA
FileTimeToSystemTime
DuplicateHandle
FileTimeToLocalFileTime
CancelIo
ClearCommError
ConnectNamedPipe
ContinueDebugEvent
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileMappingA
CreateNamedPipeW
CreateRemoteThread
CreateSemaphoreA
CreateThread
DebugActiveProcess
DebugBreak
DeleteFiber
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
FileTimeToDosDateTime

Exports

Exports

FIsEmptyW
GetTableColumnInfo
HrIStreamToBSTR
HrLPSZCPToBSTR
IndexRecordCount
OpenTempTable2

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67b52652514f1907c58f4be7017de2a3

Headers

DLL Characteristics

File Characteristics

Imports

shell32

advapi32

msvcrt

version

kernel32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 98KB - Virtual size: 97KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 98KB - Virtual size: 97KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 2KB - Virtual size: 2KB