a74f97059acbd38c8f0ebb92e23f1f4e04d4ce53ffdeb43b154486f3758445a0

Sharing

Copy URL

Twitter E-mail

General

Target

a74f97059acbd38c8f0ebb92e23f1f4e04d4ce53ffdeb43b154486f3758445a0
Size

64KB
MD5

9cf1b96d7cc831e9c7b5e6bb6c953c1f
SHA1

e5dd4764298e6ca5a946925bd5c7b8513d09ed80
SHA256

a74f97059acbd38c8f0ebb92e23f1f4e04d4ce53ffdeb43b154486f3758445a0
SHA512

c39cfcc24777ec9d699beea2d844f81b234f8fcfd077ac8592a4c6a0877594e34355cac15db283c674efe052e7bc543a5804fb9f78977ffd5523de68ce8f13b0
SSDEEP

1536:MSkwSiDNTj1fdNFmm31nK9S0w7z1yF9+RxROi0X:yxixTRfdNQS0Sz1ySRxROi0

Score

N/A

Malware Config

Signatures

Files

a74f97059acbd38c8f0ebb92e23f1f4e04d4ce53ffdeb43b154486f3758445a0
.dll windows x86

1d1d8f5133bfdefb7efe1dc1c4e634ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
CompareStringA
ReplaceFileW
RaiseException
AreFileApisANSI
LockFileEx
VirtualFree
SetConsoleActiveScreenBuffer
CreateJobObjectW
SetFileAttributesA
IsBadHugeReadPtr
CopyFileExW
CreateWaitableTimerW
CallNamedPipeA
FormatMessageA
LocalFlags
GetDiskFreeSpaceW
OpenThread
PeekConsoleInputA
WriteFile
AddAtomA
SetComputerNameExW
CreatePipe
GlobalReAlloc
Beep
FindResourceExA
SystemTimeToFileTime
UnregisterWaitEx
GetConsoleMode
InterlockedExchangeAdd
ReadConsoleW
FindFirstVolumeMountPointW
lstrcpyW
EscapeCommFunction
SleepEx
SetFileApisToOEM
SetEnvironmentVariableW
GlobalGetAtomNameA
SetDefaultCommConfigW
SearchPathW
FindCloseChangeNotification
MapViewOfFile
lstrlenW
UnmapViewOfFile
HeapAlloc
CreateDirectoryA
GetLastError
InitializeCriticalSection
LeaveCriticalSection
CreateThread
WaitForSingleObject
CopyFileA
VirtualProtect
MoveFileExA
CloseHandle
lstrlenA
GetSystemTimeAsFileTime
CreateFileMappingA
ReleaseMutex
GetModuleHandleA
GetProcAddress
GetComputerNameA
CreateProcessA
VirtualQuery
GetModuleFileNameA
CreateMutexA
GetProcessHeap
LoadLibraryA
GetUserDefaultLangID

ole32

StgIsStorageILockBytes
GetRunningObjectTable
CoFileTimeNow
OleLoadFromStream
GetHGlobalFromStream
CoSetProxyBlanket
StgIsStorageFile
ReadFmtUserTypeStg
BindMoniker
CreateOleAdviseHolder
OleSave
CoCreateGuid
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc

shlwapi

PathAddBackslashW
PathIsUNCServerShareW
PathCompactPathExW
SHGetValueA
PathMatchSpecW
PathIsDirectoryA
PathGetArgsW
AssocCreate
StrToIntA
StrStrIW

advapi32

GetEffectiveRightsFromAclW
RegUnLoadKeyA
CreateProcessAsUserA
RegDeleteKeyA
RegOpenKeyExW
StartServiceA
QueryServiceConfig2W
RegQueryInfoKeyA
RegQueryValueExA
RegDeleteValueA
RegSetValueExW
RegNotifyChangeKeyValue

shell32

SHGetSpecialFolderPathW
ExtractIconExA
SHGetFileInfoA
SHGetFolderPathA
SHGetInstanceExplorer
CommandLineToArgvW

gdi32

PlayEnhMetaFileRecord
TextOutW
GetMetaFileBitsEx
SetMagicColors
GetPolyFillMode
GetStretchBltMode
CreateRoundRectRgn
RemoveFontResourceW
ExtFloodFill
PolyPolygon
Ellipse
EndPage
GetGlyphOutlineA
SetBitmapBits
AbortDoc
RemoveFontResourceA
EnumFontFamiliesExA
CreatePen
CreateCompatibleDC
EqualRgn
PolyBezier
CreateBitmapIndirect
CreateDIBSection

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d1d8f5133bfdefb7efe1dc1c4e634ad

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 976B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 976B

.reloc
Size: 4KB - Virtual size: 1KB