cf6bd646222463d111951726d7698e920f5ab7bd30003b278d9f35eed6857a85

Sharing

Copy URL Twitter E-mail

General

Target

cf6bd646222463d111951726d7698e920f5ab7bd30003b278d9f35eed6857a85
Size

131KB
MD5

f91cdb9e0b645fdb666e9c23476e96b4
SHA1

924b84296402c3dfdf8bbfcb52484ce96ac24f4a
SHA256

cf6bd646222463d111951726d7698e920f5ab7bd30003b278d9f35eed6857a85
SHA512

cbfa1c35fb0710b721df9d84cc166cc90590675b07e19dee5a7f9485f8b691eefeb8efa400b1df2c8102e82c98ab8e91d77ffce2b1d73c6de33da1b3fb2e4fe1
SSDEEP

3072:sh6rKYKlzh81vObGBgEs/sfG9lybL4OIW0KMMiU1m9:m6WzFdiBgf/sD4OIW0KNP

Score

N/A

Malware Config

Signatures

Files

cf6bd646222463d111951726d7698e920f5ab7bd30003b278d9f35eed6857a85
.dll windows x86

f1cc903f6f6cc42f11b529faa05c2fc0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

CloseServiceHandle
SetSecurityDescriptorDacl
QueryServiceStatus
OpenServiceA
InitializeSecurityDescriptor
DeleteService
CreateServiceA
ControlService
AdjustTokenPrivileges

ole32

WriteClassStm
RevokeDragDrop
ProgIDFromCLSID
CLSIDFromProgID
OleSetClipboard
OleSaveToStream
OleLockRunning
OleGetClipboard
GetRunningObjectTable
GetConvertStg
DoDragDrop
CoRegisterMessageFilter
CoLockObjectExternal
CoGetMalloc
CoCreateGuid
RegisterDragDrop

user32

EndDeferWindowPos
DestroyIcon
DestroyCaret
CreateCursor
CloseWindow
ShowCursor

shell32

SHGetMalloc
SHFileOperationA
SHGetFileInfoA
SHBindToParent

shlwapi

PathIsDirectoryA
PathFindExtensionA
PathQuoteSpacesA
PathAppendA
PathUnquoteSpacesA
StrChrA
StrStrIA
PathCanonicalizeA

msvcrt

strstr
strlen
sprintf
sscanf
fflush
free
rand

kernel32

lstrlenA
WriteFile
VirtualFree
SleepEx
SetLastError
SetEndOfFile
RtlUnwind
RaiseException
OpenFile
MapViewOfFile
LocalAlloc
HeapAlloc
GetVersion
GetModuleHandleA
FlushFileBuffers
lstrcmpiA

Exports

Exports

Cng
Dip
Fzl
Jyi
Nly
Pcx
Qwt
Syw

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1cc903f6f6cc42f11b529faa05c2fc0

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 28KB

.rdata Size: 32KB - Virtual size: 36KB

.data Size: 35KB - Virtual size: 36KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 27KB - Virtual size: 28KB

.rdata
Size: 32KB - Virtual size: 36KB

.data
Size: 35KB - Virtual size: 36KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 28KB