a0dc444bfb7f2b7e241626e7e5ea6444bca669b36670b1065db6b1a6f42d6d88

Sharing

Copy URL Twitter E-mail

General

Target

a0dc444bfb7f2b7e241626e7e5ea6444bca669b36670b1065db6b1a6f42d6d88
Size

174KB
MD5

d04eed0c15cde372d881a869ab70cc36
SHA1

60b8587913d5a138a576a88ee52c46d3c77e6fc8
SHA256

a0dc444bfb7f2b7e241626e7e5ea6444bca669b36670b1065db6b1a6f42d6d88
SHA512

512b20f6cb7f597ae61b6cd1ca266651b2efc6ae76fdfa7c03e0cdcc431b5d7e228619573b5f6476cd2b9a73bcb563bb67707a31d946f2575c6bfc29dd7345b3
SSDEEP

3072:tILu7/PLrpESBgpr6u6jXDD6qeipVYzRLp05ldvlTPjFUML4uTe3ExwNEHi99hQO:tI0LrpTgN6uAFuGlddzWY9e5Ey

Score

N/A

Malware Config

Signatures

Files

a0dc444bfb7f2b7e241626e7e5ea6444bca669b36670b1065db6b1a6f42d6d88
.dll windows x86

3a3e3c2cb1ae22efeb1bf56d7f814c91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SheSetCurDrive
SHUpdateRecycleBinIcon
SHGetFolderPathW

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeW

advapi32

CheckTokenMembership
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueW
OpenProcessToken
InitializeAcl
GetUserNameW
AddAccessDeniedAce
AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
GetLengthSid

kernel32

WriteFile
WriteProcessMemory
_lcreat
lstrcmpiW
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
SetCommMask
CancelIo
ClearCommError
CloseHandle
ConnectNamedPipe
ContinueDebugEvent
ConvertThreadToFiber
CreateDirectoryW
CreateEventA
CreateFiber
CreateFileA
CreateFileMappingA
CreateNamedPipeW
CreateRemoteThread
CreateSemaphoreA
CreateThread
DebugActiveProcess
DebugBreak
DeleteCriticalSection
DeleteFiber
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FreeLibrary
GetCommMask
GetCommModemStatus
GetCommState
GetCommTimeouts
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetExitCodeProcess
GetFileSize
GetFileSizeEx
GetFileTime
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOverlappedResult
GetPriorityClass
GetProcAddress
GetProcessHeap
GetProcessTimes
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetThreadContext
GetThreadPriority
GetThreadSelectorEntry
GetThreadTimes
GetTickCount
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
OpenEventW
OpenFileMappingW
OpenProcess
OutputDebugStringA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
RaiseException
ReadFile
ReadProcessMemory
ReleaseSemaphore
ResetEvent
ResumeThread
RtlUnwind
WaitForDebugEvent
SetCommState
SetCommTimeouts
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetThreadContext
SetUnhandledExceptionFilter
SetupComm
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToFiber
SystemTimeToFileTime
TerminateProcess
TerminateThread
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQueryEx
WaitCommEvent
WaitNamedPipeW

msvcrt

_CIfmod
_XcptFilter
__CxxFrameHandler
__RTCastToVoid
__dllonexit
__doserrno
_amsg_exit
_cscanf
_errno
_fileno
_flushall
_hypot
_initterm
_iob
_isatty
_itoa
_itow
_lock
_lseeki64
_onexit
_open_osfhandle
_purecall
_snprintf
_snwprintf
_spawnlp
_strlwr
_strnicmp
_unlock
_vsnprintf
_vsnwprintf
_wcsdup
_wcsicmp
_wcslwr
_wcsnicmp
_wcsupr
_wctime
_wfopen
_write
_wsetlocale
_wtmpnam
_wtol
atoi
atol
calloc
ctime
fclose
feof
fgets
fgetws
fprintf
free
frexp
fseek
isprint
isspace
iswalnum
iswalpha
iswdigit
iswspace
iswupper
iswxdigit
ldexp
localeconv
malloc
memcpy
memmove
memset
printf
qsort
realloc
strchr
strncat
strncmp
strrchr
strstr
strtoul
swscanf
time
towlower
towupper
wcschr
wcsncmp
wcsncpy
wcsrchr
wcsstr
wcstoul
wctomb

Exports

Exports

AGetReport
DeleteTempFileOnShutdown
GetLogInfo
MessageBoxInst
OpenDatabase

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a3e3c2cb1ae22efeb1bf56d7f814c91

Headers

DLL Characteristics

File Characteristics

Imports

shell32

version

advapi32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 91KB - Virtual size: 91KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 91KB - Virtual size: 91KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 12KB - Virtual size: 12KB