77ede4cf486d723112925b7168140c3591b3281fda2e8c5c9441ee9e0044dde5

General

Target

77ede4cf486d723112925b7168140c3591b3281fda2e8c5c9441ee9e0044dde5
Size

61KB
MD5

12e3d8a8fa33a74e263aa11b15939e36
SHA1

2a76f6bb1cd5ac0cba32e50417fd4e01aec2aa3c
SHA256

77ede4cf486d723112925b7168140c3591b3281fda2e8c5c9441ee9e0044dde5
SHA512

19c7a9d752e169f1be3ed3af81eb4bb41fd594234c193185639a56adfc6b7a4fa6cf187055a3646758aa11ad473505b4d22931ed0651d2e7b997b44431b62a4c
SSDEEP

1536:O88gzukYLq6hbokEL5w6huk11na7FK3H0Bw2b5:x/G495HnqKHEw2b5

Score

N/A

Malware Config

Signatures

Files

77ede4cf486d723112925b7168140c3591b3281fda2e8c5c9441ee9e0044dde5
.dll windows x86

fc6235f552011075d17e188552405d20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
GetProcAddress
GetModuleHandleA
GetVersionExA
DeleteFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
ExitThread
TerminateThread
WaitForMultipleObjects
CreateMailslotA
GetModuleFileNameA
SetEndOfFile
lstrcpyA
lstrcatA
WaitForSingleObject
IsBadReadPtr
ReadFile
lstrlenA
GetSystemDirectoryA
CreateDirectoryA
WriteFile
GetTickCount
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
LoadLibraryA
ReleaseMutex
GetModuleHandleW
CreateEventA
CreateMutexW
MultiByteToWideChar
CreateThread
FindClose
FindNextFileA
FindFirstFileA
lstrcmpA
CompareStringA
GetTempFileNameA
OpenEventA
PulseEvent
SetEvent
CloseHandle
ResetEvent
GetFileAttributesA
GetLastError
CreateFileA
SetFilePointer

user32

wsprintfA

advapi32

ImpersonateLoggedOnUser
CryptHashData
CryptDeriveKey
CryptEncrypt
CryptDestroyHash
CryptDestroyKey
CryptReleaseContext
RegNotifyChangeKeyValue
RegCreateKeyExA
RegSetValueExA
CreateProcessAsUserA
InitializeSecurityDescriptor
CryptAcquireContextA
CryptCreateHash
RegOpenCurrentUser
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RevertToSelf
CryptDecrypt

iphlpapi

GetAdaptersInfo

shell32

SHGetFolderPathA

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc6235f552011075d17e188552405d20

Headers

File Characteristics

Imports

kernel32

user32

advapi32

iphlpapi

shell32

Sections

.text Size: 49KB - Virtual size: 49KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 49KB - Virtual size: 49KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB