ef188b355a7e75b1bf50df9df6c0ad8300ff01f0a66e03980d43d5d5879c8e71

Sharing

Copy URL Twitter E-mail

General

Target

ef188b355a7e75b1bf50df9df6c0ad8300ff01f0a66e03980d43d5d5879c8e71
Size

29KB
MD5

286f24d193e6b29bc6b6d27630f7e950
SHA1

272ef09e7327d1b33dc79ea35490788566beb52d
SHA256

ef188b355a7e75b1bf50df9df6c0ad8300ff01f0a66e03980d43d5d5879c8e71
SHA512

23a3b62b97ae673d6d4948a2b13883c5bf82f9a59b61c178419a777fb160fa57069bc5073868788d697c7e9d1445dffede3369d22b3ec102f93f1964060871d8
SSDEEP

384:WZ2nX2ZPbMlifZ5eIHYSVmVUh2p+VLLg/XrA7iHTGouVHdtgM2y8zsDJ:W8nE5eMbVmadng/XryiHCp9tSzG

Score

N/A

Malware Config

Signatures

Files

ef188b355a7e75b1bf50df9df6c0ad8300ff01f0a66e03980d43d5d5879c8e71
.exe windows x86

6a1390316e360598bb9119c79b0c710d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
LocalFree
GetUserDefaultUILanguage
DebugBreak
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
GetThreadLocale
LoadLibraryW
GetCurrentProcess
FreeLibrary
InterlockedIncrement
GetCurrentProcessId
OutputDebugStringW
WideCharToMultiByte
GetSystemTimeAsFileTime
lstrcmpW
GetStringTypeExW
GetFileTime
EnterCriticalSection
CreateFileW
CloseHandle
FormatMessageW
GetLastError
CreateDirectoryW
MultiByteToWideChar
GetLocaleInfoW
GetUserDefaultLCID
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
lstrlenW
lstrlenA
GetSystemDefaultLCID
GetModuleHandleW
LeaveCriticalSection

advapi32

RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

rpcrt4

IUnknown_AddRef_Proxy
CStdStubBuffer_Connect
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
CStdStubBuffer_Disconnect
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
IUnknown_QueryInterface_Proxy
NdrDllCanUnloadNow
CStdStubBuffer_DebugServerRelease
NdrDllGetClassObject
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
NdrDllUnregisterProxy
NdrOleAllocate
IUnknown_Release_Proxy
NdrDllRegisterProxy

shlwapi

PathFileExistsW

user32

wvsprintfW
CharNextW
CharLowerW
LoadStringW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

rtutils

TracePrintfA
TraceDeregisterW

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a1390316e360598bb9119c79b0c710d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

rpcrt4

shlwapi

user32

ole32

rtutils

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 908B

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 908B