da952a0e67055a3096afcb15eb9cfa45ed0391484a1b44ac91d7ebc9d7b9f7ad

Sharing

Copy URL

Twitter E-mail

General

Target

da952a0e67055a3096afcb15eb9cfa45ed0391484a1b44ac91d7ebc9d7b9f7ad
Size

128KB
MD5

e6afeeaf78b7419c6efd8f0b0b72f676
SHA1

7c6cda11652fd42aa58f103fb661515adf2032a2
SHA256

da952a0e67055a3096afcb15eb9cfa45ed0391484a1b44ac91d7ebc9d7b9f7ad
SHA512

92556532e05b5ae8a1af8a83868b1fb2af207ca6c11481077fcd3cffdec0a27430658bc470c507ab5a9eca7e09c0ea32971ef24c979c1f7fc0c9c5e57d3c8a84
SSDEEP

3072:bUdU4qfj4guCJFzgY+I/88lclRjsFHF8Sv37QbkQaV:om4qUkFzRLVlcfsFlhvEaV

Score

N/A

Malware Config

Signatures

Files

da952a0e67055a3096afcb15eb9cfa45ed0391484a1b44ac91d7ebc9d7b9f7ad
.dll windows x86

90b227442dfea725d79759c37fc54972

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetConsoleAliasExesW
GetPrivateProfileStructW
GlobalAlloc
FreeLibrary
LocalSize
GetShortPathNameW
ReadConsoleInputExA
FlushViewOfFile
IsValidLocale
ChangeTimerQueueTimer
FreeEnvironmentStringsW
SetConsoleCtrlHandler
SetConsoleTitleW
GetModuleHandleA
OpenWaitableTimerW
GetVersion
GetProcAddress
VirtualAlloc
GetHandleInformation
LoadLibraryA
GetSystemTime

user32

SetDeskWallpaper
GetCaretPos
DdeNameService
InSendMessageEx
GetKeyboardLayout
IsWindowVisible
SetSystemCursor
MessageBoxExA
ChangeDisplaySettingsW
NotifyWinEvent
DlgDirListA
CharPrevA
GetParent
ScrollWindow
DlgDirListComboBoxA
DrawFrame
FlashWindowEx
SetWindowTextA
UnpackDDElParam
EnumWindows
GetScrollBarInfo
CreateWindowExA
DrawEdge
SetCaretBlinkTime
ShowScrollBar
BeginDeferWindowPos
ScrollWindowEx
GetDlgItemTextW
MessageBoxW
OemToCharA
GetAsyncKeyState

advapi32

QueryServiceLockStatusW
GetAuditedPermissionsFromAclA
RegEnumValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidA
GetServiceKeyNameA
LsaEnumerateAccountsWithUserRight
PrivilegeCheck
QueryRecoveryAgentsOnEncryptedFile
RegisterEventSourceA
AreAllAccessesGranted
RegSaveKeyW
SystemFunction029
InitializeSecurityDescriptor

msvcrt

sprintf
_mbsnbcat
_mbsnextc
__mb_cur_max
_y1
_makepath
memset
fread
_finite
_ultoa
feof
ferror
fputs
wcstod
printf
ldiv
fprintf
fclose
_wperror
_locking
_ismbbkpunct
_stati64
_ismbcl1
_chdrive
getenv
_wexecl
_wspawnv
__RTDynamicCast
_isnan
fwrite
fseek
ftell
__threadhandle
_mbsnccnt
_except_handler3
_unlink
_wremove
_wsplitpath
fputc
_mbspbrk
__dllonexit
fsetpos
_strset
fwprintf
__crtCompareStringA
iswalpha
_Strftime
fopen
_strcmpi
_ismbbpunct

Exports

Exports

Bhhptadm
Cguevxe
Fvlf
Jkocnih
Kwiablecjp
Mnrskf
Mxzdw
Pntkgt
Ugwymzycry

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90b227442dfea725d79759c37fc54972

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 52KB - Virtual size: 50KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 52KB - Virtual size: 50KB

.reloc
Size: 8KB - Virtual size: 7KB