be2adba779cdaf915dbf7f94b78674471ce1646a1d9c39f94ef64c09ee823ea2

Sharing

Copy URL

Twitter E-mail

General

Target

be2adba779cdaf915dbf7f94b78674471ce1646a1d9c39f94ef64c09ee823ea2
Size

174KB
MD5

6bf6420e912ef2529564add8b47d5cf3
SHA1

4fc918ba0adf8ff99cdd8b2e35f0103cc4fc9c9e
SHA256

be2adba779cdaf915dbf7f94b78674471ce1646a1d9c39f94ef64c09ee823ea2
SHA512

1babd377a6d2ecad2318465862abb08c5fc3d887b4b3a4d39b4bb8a81315c8a55e692653c0139f950c5d5281afcf101c67bd38ce4c755ba0d3308adef2fd5bfd
SSDEEP

3072:m5zTeFysa5jQyrb9leKJ3ACunj6mYC57U6RjGG1bQBJIhDmLLIwNEHimtmUi2:mIFysa5jQyrbDo6o/MJIZIlE

Score

N/A

Malware Config

Signatures

Files

be2adba779cdaf915dbf7f94b78674471ce1646a1d9c39f94ef64c09ee823ea2
.dll windows x86

3a3e3c2cb1ae22efeb1bf56d7f814c91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SheSetCurDrive
SHUpdateRecycleBinIcon
SHGetFolderPathW

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeW

advapi32

CheckTokenMembership
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueW
OpenProcessToken
InitializeAcl
GetUserNameW
AddAccessDeniedAce
AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
GetLengthSid

kernel32

WriteFile
WriteProcessMemory
_lcreat
lstrcmpiW
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
SetCommMask
CancelIo
ClearCommError
CloseHandle
ConnectNamedPipe
ContinueDebugEvent
ConvertThreadToFiber
CreateDirectoryW
CreateEventA
CreateFiber
CreateFileA
CreateFileMappingA
CreateNamedPipeW
CreateRemoteThread
CreateSemaphoreA
CreateThread
DebugActiveProcess
DebugBreak
DeleteCriticalSection
DeleteFiber
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FreeLibrary
GetCommMask
GetCommModemStatus
GetCommState
GetCommTimeouts
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetExitCodeProcess
GetFileSize
GetFileSizeEx
GetFileTime
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOverlappedResult
GetPriorityClass
GetProcAddress
GetProcessHeap
GetProcessTimes
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetThreadContext
GetThreadPriority
GetThreadSelectorEntry
GetThreadTimes
GetTickCount
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
OpenEventW
OpenFileMappingW
OpenProcess
OutputDebugStringA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
RaiseException
ReadFile
ReadProcessMemory
ReleaseSemaphore
ResetEvent
ResumeThread
RtlUnwind
WaitForDebugEvent
SetCommState
SetCommTimeouts
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetThreadContext
SetUnhandledExceptionFilter
SetupComm
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToFiber
SystemTimeToFileTime
TerminateProcess
TerminateThread
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQueryEx
WaitCommEvent
WaitNamedPipeW

msvcrt

_CIfmod
_XcptFilter
__CxxFrameHandler
__RTCastToVoid
__dllonexit
__doserrno
_amsg_exit
_cscanf
_errno
_fileno
_flushall
_hypot
_initterm
_iob
_isatty
_itoa
_itow
_lock
_lseeki64
_onexit
_open_osfhandle
_purecall
_snprintf
_snwprintf
_spawnlp
_strlwr
_strnicmp
_unlock
_vsnprintf
_vsnwprintf
_wcsdup
_wcsicmp
_wcslwr
_wcsnicmp
_wcsupr
_wctime
_wfopen
_write
_wsetlocale
_wtmpnam
_wtol
atoi
atol
calloc
ctime
fclose
feof
fgets
fgetws
fprintf
free
frexp
fseek
isprint
isspace
iswalnum
iswalpha
iswdigit
iswspace
iswupper
iswxdigit
ldexp
localeconv
malloc
memcpy
memmove
memset
printf
qsort
realloc
strchr
strncat
strncmp
strrchr
strstr
strtoul
swscanf
time
towlower
towupper
wcschr
wcsncmp
wcsncpy
wcsrchr
wcsstr
wcstoul
wctomb

Exports

Exports

AGetReport
DeleteTempFileOnShutdown
GetLogInfo
MessageBoxInst
OpenDatabase

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a3e3c2cb1ae22efeb1bf56d7f814c91

Headers

DLL Characteristics

File Characteristics

Imports

shell32

version

advapi32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 53KB

.rdata Size: 92KB - Virtual size: 92KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 92KB - Virtual size: 92KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 12KB - Virtual size: 12KB