d793cde87ebab5c56781a4969218e3d600d01638d1a34629515534189abf0c8c

Sharing

Copy URL

Twitter E-mail

General

Target

d793cde87ebab5c56781a4969218e3d600d01638d1a34629515534189abf0c8c
Size

275KB
MD5

4bbb3ec728616892be40fe43f34ea281
SHA1

8b011bb074fa6981de18a00ce55433d81ea1c921
SHA256

d793cde87ebab5c56781a4969218e3d600d01638d1a34629515534189abf0c8c
SHA512

5ce8183b897ab5c7cfd709ace8e72880a437f641d26a6bafbab0639cfd6a72e45c36eb3f0fd8bc7ab1680f32f6bd06ae28377260fc7486d4741084253c41e343
SSDEEP

6144:IdF0CcZGMEOAyp8Y9uZ6IyNoGb7OhU6UO4yXnDdxD6qGKWr4PxQZDFZ:fZeKkvUXyXBMFrexe

Score

N/A

Malware Config

Signatures

Files

d793cde87ebab5c56781a4969218e3d600d01638d1a34629515534189abf0c8c
.dll windows x86

5cec93f8a85a9c1e87214e6803c2e69f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_except_handler4_common
_amsg_exit
_initterm
??3@YAXPAX@Z
malloc
_XcptFilter
iswalpha
__CxxFrameHandler3
_wcsicmp
wcschr
_vsnwprintf
free

kernel32

LocalAlloc
DisableThreadLibraryCalls
CloseHandle
WideCharToMultiByte
CreateEventW
GetLastError
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineW
InterlockedDecrement
InterlockedIncrement
WaitForSingleObject
LocalFree

user32

PostMessageW
GetParent
KillTimer
GetWindowLongW
ShowWindow
SendMessageW
SetForegroundWindow
GetWindowTextW
GetDlgItem
LoadStringW
SetFocus
SetWindowLongW
SendDlgItemMessageW
FindWindowExW
SetWindowTextW
EnableWindow
SetTimer

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitializeEx

advapi32

RegCloseKey
UnregisterTraceGuids
RegisterTraceGuidsW
RegOpenKeyExW
RegQueryValueExW
TraceMessage
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags

comctl32

PropertySheetW
ord344
ord17
CreatePropertySheetPageW

oleaut32

SysAllocString
SysFreeString

shell32

CommandLineToArgvW

ntdll

WinSqmAddToStream

Exports

Exports

DllMain
EnhancedStoragePasswordConfig
EnhancedStoragePasswordInitDisk

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cec93f8a85a9c1e87214e6803c2e69f

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

advapi32

comctl32

oleaut32

shell32

ntdll

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.data Size: 172KB - Virtual size: 173KB

.rsrc Size: 70KB - Virtual size: 69KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 29KB - Virtual size: 28KB

.data
Size: 172KB - Virtual size: 173KB

.rsrc
Size: 70KB - Virtual size: 69KB

.reloc
Size: 2KB - Virtual size: 2KB