fcd71764a85d33c655e0e05ff49cd0a83ba253bdca9ca58c7d9c028fe7b0af72

Sharing

Copy URL

Twitter E-mail

General

Target

fcd71764a85d33c655e0e05ff49cd0a83ba253bdca9ca58c7d9c028fe7b0af72
Size

132KB
MD5

16a07238551d1938dc96b15158402b95
SHA1

9aceb6609231bea2406dea6084612482c7bb917c
SHA256

fcd71764a85d33c655e0e05ff49cd0a83ba253bdca9ca58c7d9c028fe7b0af72
SHA512

7f1bc942e9e552de4f740d5c847a128fc9e2f3da81be8dfc3b5c66ab53f774a5e224b1271cc82b27ab046e2837fe4e66effe4021d4724bdcb7f38c2d4c4c8742
SSDEEP

3072:wXmrQCFfWjdxFIpFgb30lFOSnlT/VW4DsImXUV:w8MzFIbgrU1VW4D0XU

Score

N/A

Malware Config

Signatures

Files

fcd71764a85d33c655e0e05ff49cd0a83ba253bdca9ca58c7d9c028fe7b0af72
.dll windows x86

834a5295cd9b007857a1544d71300a81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

BuildTrusteeWithObjectsAndSidW
ControlService
CryptImportKey
QueryServiceObjectSecurity
RegCloseKey
RegCreateKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
StartTraceW

gdi32

FixBrushOrgEx
GetBkMode
GetCharABCWidthsA
GetObjectW
CreateFontIndirectW

kernel32

CloseHandle
CreateEventA
CreateFileW
CreateThread
DeleteCriticalSection
DeleteFileW
EnterCriticalSection
ExpandEnvironmentStringsW
FindResourceW
FreeLibrary
FreeResource
GetACP
GetCurrentDirectoryW
GetCurrentThreadId
GetFileAttributesW
GetFullPathNameW
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProfileStringW
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetThreadPriority
GetTickCount
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
MoveFileW
MultiByteToWideChar
OpenFileMappingW
ReleaseMutex
ResetEvent
SearchPathW
SetErrorMode
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
Sleep
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
_lclose
_llseek
_lread
_lwrite
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
VirtualAlloc
FindResourceA
CompareStringW
CompareStringA
GetLocaleInfoW
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
LoadLibraryA
VirtualQuery
RtlUnwind
IsBadWritePtr
HeapReAlloc
GetCPInfo
GetOEMCP
FatalAppExitA
WriteFile
UnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetCommandLineA
GetVersionExA
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetEnvironmentVariableA

ole32

StgConvertVariantToProperty
StringFromIID

oleaut32

VarI4FromI2
RegisterActiveObject

rpcrt4

I_RpcServerAllocateIpPort
NdrRpcSsDefaultFree
NdrServerContextNewUnmarshall
NdrProxyInitialize

user32

RegisterDeviceNotificationW
PostThreadMessageA
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageW
MessageBoxW
LoadStringW
RegisterWindowMessageW
KillTimer
IsWindow
GetPriorityClipboardFormat
GetMessageA
GetAsyncKeyState
DispatchMessageA
DestroyWindow
DefWindowProcW
BroadcastSystemMessageW
SendMessageA
SendMessageTimeoutW
SetMenuDefaultItem
UnregisterDeviceNotification
SetTimer
wsprintfA
wsprintfW
LoadStringA

Exports

Exports

KQEOUWHOIDK

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

834a5295cd9b007857a1544d71300a81

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

rpcrt4

user32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 24KB - Virtual size: 26KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 24KB - Virtual size: 26KB

.reloc
Size: 8KB - Virtual size: 5KB