ce142ced12b00cee68a09b991f704a5c6df4ba56b84a2aa15fbe69b21c7a8cee

Sharing

Copy URL Twitter E-mail

General

Target

ce142ced12b00cee68a09b991f704a5c6df4ba56b84a2aa15fbe69b21c7a8cee
Size

144KB
MD5

5a17193461aee59f366b418f465b584c
SHA1

3e036b259e0467c50671b89affd1f430b640a2ef
SHA256

ce142ced12b00cee68a09b991f704a5c6df4ba56b84a2aa15fbe69b21c7a8cee
SHA512

2e3c4ef7b02a46ab3f0c8ac6f9c8c41a4b4fceb18d5295338bfa54f319b1e94de8743c54e93d2c54270be5d13158ae3b4d4c071aa8160439621783f64f3320db
SSDEEP

3072:iNJ5nEKoeGzQj3TOJZ5MTkqTGw9YHfx11caOiWyWlB:yJ5nEKhGz+3/Gw9ylcsWy

Score

N/A

Malware Config

Signatures

Files

ce142ced12b00cee68a09b991f704a5c6df4ba56b84a2aa15fbe69b21c7a8cee
.dll windows x86

dd064bb5abac10b9bbd2d597ce913aa0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AbortSystemShutdownA
ConvertSecurityDescriptorToAccessA
CreateProcessAsUserA
InitiateSystemShutdownA
LogonUserA
LookupPrivilegeNameA
LookupPrivilegeValueA
QueryServiceLockStatusA
RegConnectRegistryA
RegEnumValueA
RegLoadKeyA
RegOpenKeyA
RegReplaceKeyA
RegSetValueA
RegisterServiceCtrlHandlerA
SystemFunction009
RegCloseKey
RegCreateKeyW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegSetValueW

gdi32

CreateDCA
GetOutlineTextMetricsA
GetTextFaceA
CreateCompatibleDC
CreateFontIndirectA
DeleteDC
DeleteObject
ExtTextOutA
GetDeviceCaps
GetSystemPaletteEntries
GetTextColor
GetTextMetricsA
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

BackupRead
CallNamedPipeA
FreeLibrary
GetCompressedFileSizeA
GetDefaultCommConfigA
GetNumberOfConsoleInputEvents
GetPrivateProfileStringA
GetProcAddress
GetVersionExA
GlobalAlloc
GlobalFree
GlobalGetAtomNameA
GlobalUnlock
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
SearchPathA
SetLastError
SetVolumeLabelW
WideCharToMultiByte
lstrcmpiA
lstrcpyA
lstrlenA
lstrlenW
GetCommandLineW
CloseHandle
CreateEventW
DeviceIoControl
EnterCriticalSection
GetLastError
GetOverlappedResult
LeaveCriticalSection
SetEvent
LoadResource
FindResourceA
DeleteCriticalSection
GetCurrentProcess
GetModuleHandleA
InitializeCriticalSection
InterlockedIncrement
IsBadReadPtr
IsBadWritePtr
MulDiv
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrcpynW
VirtualAlloc
CompareStringW
CompareStringA
SetEnvironmentVariableA
GetLocaleInfoW
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
FatalAppExitA
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetCurrentThreadId
GetCommandLineA
ExitProcess
TlsAlloc
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType

ole32

StringFromGUID2
CoUninitialize
CoQueryProxyBlanket
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemAlloc
FmtIdToPropStgName
CoTaskMemFree

oleaut32

SafeArrayDestroyDescriptor

rpcrt4

RpcMgmtSetServerStackSize
RpcSsSwapClientAllocFree
RpcSmClientFree

user32

GetDC
CreateDialogParamW
wsprintfA
TabbedTextOutA
SendMessageW
SendMessageA
ScreenToClient
RegisterWindowMessageA
RegisterClassA
KillTimer
GetWindowTextLengthA
GetKeyNameTextA
GetClassNameA
GetClassInfoA
EnumDisplaySettingsA
DefFrameProcA
CreateMenu
CreateDesktopA
CharUpperA
ReleaseDC
SendMessageTimeoutA
wsprintfW
UnregisterClassA
MessageBoxA

Exports

Exports

krpjs

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd064bb5abac10b9bbd2d597ce913aa0

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

rpcrt4

user32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 5KB