ffaff7fbb87693366af91debb05d6972450df85e652c1d805ca518be214cfa24

Sharing

Copy URL Twitter E-mail

General

Target

ffaff7fbb87693366af91debb05d6972450df85e652c1d805ca518be214cfa24
Size

444KB
MD5

d762456ca2b6043aae54f8fc1fe175bf
SHA1

7701f07fccae6f97db6c498c4f6d0bc2936004e7
SHA256

ffaff7fbb87693366af91debb05d6972450df85e652c1d805ca518be214cfa24
SHA512

966c433bae1f72a886d264a87a0a203a14fb4cf7e1369fdb02387830e0e3f74551fba821495062a7733d9588b91e4ef5c508560ad604dcb21de6e4fec6248160
SSDEEP

12288:oq/IAC/CSwMVxEgap6ZMRTvvlEONs0Cee:3IvCkcgapxRTn6Us0Ce

Score

N/A

Malware Config

Signatures

Files

ffaff7fbb87693366af91debb05d6972450df85e652c1d805ca518be214cfa24
.dll windows x86

890a5c9420e3afb1517f47f1921a454d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetSystemDirectoryA
GetTickCount
GetVersionExA
GetWindowsDirectoryA
LoadLibraryA
QueryPerformanceCounter
SetLastError
GetProcessPriorityBoost
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
WaitForSingleObject
lstrlenA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFullPathNameA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
CloseHandle
CreateProcessA
CopyFileA
SetUnhandledExceptionFilter

shell32

SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA

advapi32

OpenSCManagerA
QueryServiceStatus
OpenServiceA
OpenProcessToken
LookupPrivilegeValueA
GetTokenInformation
GetSecurityDescriptorLength
EqualSid
CryptDecrypt
ControlService
AllocateAndInitializeSid
AdjustTokenPrivileges
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey

msvcrt

_onexit
_setmbcp
_initterm
_strupr
exit
sprintf
strncpy
strstr
_exit
_except_handler3
_controlfp
_cexit
_c_exit
_adjust_fdiv
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__getmainargs
__dllonexit
__CxxFrameHandler
_XcptFilter
_strnicmp

user32

TranslateMessage
SetForegroundWindow
SendMessageA
PostMessageA
LoadIconA
IsIconic
GetWindow
FrameRect
FindWindowA
ExitWindowsEx
EnumWindows
EnableWindow
DrawIcon
DispatchMessageA

Exports

Exports

AsFile
FromVoidPtrAndDesc
SetBufSize
set_write_status_fn

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

890a5c9420e3afb1517f47f1921a454d

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

msvcrt

user32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 213KB - Virtual size: 213KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 213KB - Virtual size: 213KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 4KB - Virtual size: 3KB