1538f07865a5f69b44c5a4aeb44f13456fec0eed3f590b4b922519a1757b5f93

General

Target

1538f07865a5f69b44c5a4aeb44f13456fec0eed3f590b4b922519a1757b5f93
Size

54KB
MD5

abf10a31449dfe07caf221f95b2535e7
SHA1

68402f068961c97c8cbe8bbf3750e9c5546aa487
SHA256

1538f07865a5f69b44c5a4aeb44f13456fec0eed3f590b4b922519a1757b5f93
SHA512

64186e75ac049826d4ac905aa42efdf039f5fa4fc42fb984b0d22ec2c069c5404f4c3f034270fb1d4afbcd4fcf6e71cca5eceaf6883375dd004f20f697af5452
SSDEEP

768:mnytLU6unEEJy4j3Q+XZgeNDk/al/2y1Dc/e+DbV9psysSfDPExEAHRre:27dn241XZgpa12y1DcW+3zs4ExEAx

Score

N/A

Malware Config

Signatures

Files

1538f07865a5f69b44c5a4aeb44f13456fec0eed3f590b4b922519a1757b5f93
.dll windows x86

2c4ba52ded26c2e8eda672ec6f4a247e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteEmptyKeyA
ord195
AssocCreate
SHDeleteKeyA
PathRemoveBackslashA

ole32

CoUninitialize
CoInitialize

kernel32

GetVersionExW
GetVersionExA
WideCharToMultiByte
GetCommandLineW
GetModuleHandleA
GetEnvironmentVariableW
SetErrorMode
Sleep
ResetEvent
CreateEventA
GetWindowsDirectoryA
FormatMessageA
GlobalFree
WaitForMultipleObjects
CreateEventW
GetCurrentProcess
GetVolumeInformationA
GetDriveTypeA
VirtualAlloc
VirtualFree
CreateFileA
ReadFile
WriteFile
GetCurrentProcessId
GetModuleFileNameA
GetSystemTime
SystemTimeToFileTime
LocalAlloc
GetFileSize
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
TryEnterCriticalSection
SwitchToThread
ResumeThread
CreateThread
TerminateThread
IsDBCSLeadByteEx
GetStringTypeW
HeapReAlloc
GetStringTypeA
GetCPInfo

user32

MessageBeep
GetWindowLongA
SendMessageA
GetDlgItem
MessageBoxW

winhttp

WinHttpCloseHandle
WinHttpConnect

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey

shell32

SHGetFolderPathW

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 286B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c4ba52ded26c2e8eda672ec6f4a247e

Headers

File Characteristics

Imports

shlwapi

ole32

kernel32

user32

winhttp

advapi32

shell32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 13KB

.reloc Size: 512B - Virtual size: 286B

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 13KB

.reloc
Size: 512B - Virtual size: 286B