899fed5a065ade0371623e106a5903d3c518e54998e0fdaf95b0b5b922b70977

Sharing

Copy URL Twitter E-mail

General

Target

899fed5a065ade0371623e106a5903d3c518e54998e0fdaf95b0b5b922b70977
Size

76KB
MD5

df86817972ea2c8e6f87ffac16758da3
SHA1

87508d4e861953d72f4636782698fb9b4d691eb2
SHA256

899fed5a065ade0371623e106a5903d3c518e54998e0fdaf95b0b5b922b70977
SHA512

350b80fc6ced0108b0ac5cfbbda9582eff11a3a8a01551caa0129d249cdb2d8746d2feb01884b2c5e4df1a98cd1d5b1c307c82b870b04ed61b2af982d1260cd1
SSDEEP

1536:uFOy7CerfcAVh3n527jvgp8PN9GNJ/qQ+a+1t3vhzQtBgp8Gf:+Oy7CEzhp2PU8F0NJF+a+1t3vdQt28Gf

Score

N/A

Malware Config

Signatures

Files

899fed5a065ade0371623e106a5903d3c518e54998e0fdaf95b0b5b922b70977
.dll windows x86

65413550b6f27e293dda10f308054520

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
GetFileInformationByHandle
DosDateTimeToFileTime
GetThreadContext
CompareStringW
OpenMutexA
ExitProcess
GetDefaultCommConfigW
CreateEventA
ReplaceFileW
VirtualUnlock
LockResource
GetHandleInformation
lstrcpynW
GetBinaryTypeA
EnumUILanguagesW
VerSetConditionMask
QueueUserAPC
CreateProcessW
FindAtomA
GetFileAttributesA
GetLocalTime
OpenFile
AddAtomW
GetFileType
LockFile
TryEnterCriticalSection
HeapCompact
ClearCommError
GlobalMemoryStatusEx
FindResourceW
GetSystemDefaultLangID
PeekNamedPipe
CreateWaitableTimerW
ReadFile
VerifyVersionInfoA
UpdateResourceA
SetConsoleCtrlHandler
LocalLock
UnregisterWait
GetWindowsDirectoryW
WaitNamedPipeA
RegisterWaitForSingleObjectEx
GetSystemInfo
AssignProcessToJobObject
CreateDirectoryW
Sleep
ReadConsoleA
OpenSemaphoreW
MoveFileW
HeapSize
CallNamedPipeA
OpenFileMappingW
GetDateFormatW
LoadResource
GetVersion
FindFirstFileExW
DeleteFileA
SleepEx
GetSystemDirectoryW
SetVolumeMountPointW
GetTempFileNameW
CreateMutexW
GetSystemDefaultUILanguage
GetEnvironmentVariableA
CreateSemaphoreA
SetFilePointer
GetProfileIntW
LCMapStringW
RemoveDirectoryW
IsWow64Process
lstrcatA
FindNextVolumeW
DisconnectNamedPipe
SetSystemTime
GetStringTypeA
GetCurrentProcess
SetConsoleMode
CancelWaitableTimer
FreeResource
SetConsoleTextAttribute
QueueUserWorkItem
LCMapStringA
GetDriveTypeA
GetStringTypeExA
GetLogicalDrives
LocalUnlock
GetConsoleCP
SetDefaultCommConfigW
CancelIo
SetFileTime
GetUserDefaultLCID
GetVolumePathNamesForVolumeNameW
OpenEventA
WinExec
FlushConsoleInputBuffer
GetTimeZoneInformation
CreateIoCompletionPort
OpenJobObjectW
IsBadStringPtrA
lstrcpyA
SetProcessWorkingSetSize
IsValidLocale
SetCurrentDirectoryA
IsBadStringPtrW
GetTempPathW
GetQueuedCompletionStatus
SetStdHandle
InterlockedCompareExchange
CreateConsoleScreenBuffer
GlobalFree
GetCurrentThread
GetTimeFormatW
TerminateProcess
CreateMailslotA
ExpandEnvironmentStringsW
VerifyVersionInfoW
SetLastError
ResumeThread
InterlockedDecrement
FindFirstVolumeW
IsBadHugeReadPtr
GetModuleFileNameA
CreateFileMappingA
GetLastError
HeapAlloc
WaitForSingleObject
CreateDirectoryA
LoadLibraryA
lstrcpyW
ReleaseMutex
CopyFileA
CloseHandle
CreateProcessA
HeapValidate
MapViewOfFile
GetModuleHandleA
InitializeCriticalSection
lstrlenA
lstrlenW
InterlockedExchange
CreateThread
LeaveCriticalSection
GetProcAddress
HeapFree
GetComputerNameA
GetLocaleInfoW
lstrcatW

advapi32

RegSetValueExA
RegCloseKey
RegEnumValueW
RegOpenKeyW
RegisterEventSourceA
GetInheritanceSourceW
StartServiceA
GetTokenInformation
ControlService
RegCreateKeyW
NotifyBootConfigStatus
StartServiceCtrlDispatcherA
RegisterEventSourceW
GetServiceKeyNameW
RegQueryValueExW
ChangeServiceConfigW
RegCreateKeyExW
DeregisterEventSource
RegEnumKeyA
OpenEventLogA
OpenEventLogW
GetOldestEventLogRecord
RegDeleteKeyW
CloseServiceHandle
ImpersonateLoggedOnUser
EnumServicesStatusW
DuplicateToken
SetEntriesInAclW
ImpersonateNamedPipeClient
RegConnectRegistryA
LockServiceDatabase
GetNumberOfEventLogRecords
RegQueryValueA
QueryServiceConfig2W
CreateProcessWithLogonW
RegOpenKeyExA

gdi32

PolyBezier
GetFontResourceInfoW
GetGlyphOutlineW
ScaleWindowExtEx
GetSystemPaletteUse
CreateScalableFontResourceA
StrokePath
Polygon
PatBlt
AnimatePalette
GetRandomRgn
GetRgnBox
GetDCOrgEx
PolyPolyline
CreateEnhMetaFileW
CreateDiscardableBitmap
SetTextColor
FlattenPath
GetViewportOrgEx
DPtoLP
EnumFontFamiliesA
GetLayout
TextOutW
UnrealizeObject
GetCharABCWidthsA
StartDocW
GetTextAlign
PolyBezierTo
RemoveFontResourceA
CopyEnhMetaFileA
PathToRegion
ExtTextOutA
SetArcDirection
FillPath
StartPage
PolyDraw
GetNearestColor
IntersectClipRect
Polyline
CreatePen
StartDocA
SetBrushOrgEx
GetCharWidthW
BitBlt
CreateEllipticRgnIndirect
GetBrushOrgEx
RoundRect
PolylineTo
CreatePatternBrush
CreateDCA
OffsetWindowOrgEx
CloseEnhMetaFile
GetPath
GetObjectW
GetMetaFileBitsEx
RealizePalette
OffsetRgn
CopyMetaFileA
PaintRgn
SetPaletteEntries
GetPixel
EnumFontsA
CreateHatchBrush
GetWindowExtEx
CreatePalette
UpdateColors
TranslateCharsetInfo
TextOutA
SetAbortProc
CloseMetaFile

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65413550b6f27e293dda10f308054520

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 1008B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 1008B

.reloc
Size: 4KB - Virtual size: 2KB