f3348d3cb5d5f77ed24c6cb6a44a0f27bc1e812647a5c1339b6663c541b427b3

Sharing

Copy URL Twitter E-mail

General

Target

f3348d3cb5d5f77ed24c6cb6a44a0f27bc1e812647a5c1339b6663c541b427b3
Size

221KB
MD5

ff6c004467b719f3da03bffcf1b8a0e3
SHA1

c3a3894cc03085f0aaeff0a4c3a1bbaec3c1de82
SHA256

f3348d3cb5d5f77ed24c6cb6a44a0f27bc1e812647a5c1339b6663c541b427b3
SHA512

e20d599b4c136d035cbdec9823cf0b98fd69cadd3ae1bd24cb408aa258427b540bb75fa3381de707fc42760fe04df8a702d565b08e01e3a72ab1365d0e05fc74
SSDEEP

3072:hYZvnQGrUDO9I1UFoELIQvL/7vquPWanoq8W/rwBBB8rD6PCA6F:iXDLL/7Uq9Thg

Score

N/A

Malware Config

Signatures

Files

f3348d3cb5d5f77ed24c6cb6a44a0f27bc1e812647a5c1339b6663c541b427b3
.dll windows x86

a64e0a1fa2d92f5159277bc5081dc3b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wstrtime
wcscat
_wtoi
_onexit
__dllonexit
_adjust_fdiv
malloc
wprintf
??2@YAPAXI@Z
_initterm
free
??3@YAXPAX@Z
vswprintf
_wstrdate
wcscpy
swprintf
wcstok
wcschr
wcsncpy
_wcsicmp
wcslen
_vsnwprintf
_heapchk
_except_handler3
wcscmp
__CxxFrameHandler
wcsncmp

user32

SystemParametersInfoW
GetSystemMetrics
CharNextW
LoadStringW

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetCurrentProcessId
GetSystemDirectoryW
CreateDirectoryW
CopyFileW
DeleteFileW
GetComputerNameW
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
CreateFileW
SetFilePointer
WideCharToMultiByte
WriteFile
GetVersionExW
CloseHandle
GetLastError
GetUserDefaultUILanguage
lstrlenW
lstrcatW
lstrcpynW
LocalFree
LocalAlloc
GlobalAlloc
GlobalFree
SetCurrentDirectoryW
GetCurrentDirectoryW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
FreeLibrary
GetProcAddress
LoadLibraryW

advapi32

RegCreateKeyW
RegCreateKeyExW
RegQueryValueExW
LookupAccountNameW
RegLoadKeyW
RegOpenKeyExW
RegUnLoadKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegSetValueExW
RegCloseKey

ole32

CoInitializeEx

shlwapi

PathAddBackslashW
StrChrW
PathAppendW

shell32

SHGetSpecialFolderPathW
ord165
ShellExecuteW

setupapi

SetupOpenInfFileW
SetupInstallFromInfSectionW
SetupInstallFilesFromInfSectionW
pSetupEnablePrivilege

userenv

ord157
ord139
GetDefaultUserProfileDirectoryW

winspool.drv

GetPrintProcessorDirectoryW
DeletePrintProcessorW
DeleteMonitorW
AddPrinterW
AddPrintProcessorW
OpenPrinterW
XcvDataW
ClosePrinter
AddMonitorW
GetPrinterDriverDirectoryW
DeletePrinter
DeletePrinterDriverExW
AddPrinterDriverExW

Exports

Exports

CreateTutShortcut
TabletSetupProc

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a64e0a1fa2d92f5159277bc5081dc3b5

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

advapi32

ole32

shlwapi

shell32

setupapi

userenv

winspool.drv

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 27KB

.data Size: 188KB - Virtual size: 208KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 27KB - Virtual size: 27KB

.data
Size: 188KB - Virtual size: 208KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB