d28664ae646347d5125334021b2ec143650d278e41788ef8b6bded0526c7a96c

Sharing

Copy URL Twitter E-mail

General

Target

d28664ae646347d5125334021b2ec143650d278e41788ef8b6bded0526c7a96c
Size

477KB
MD5

4e9926174d174e2e4e3a8eaabab4d9b3
SHA1

f82062f78ff0e1cb9cd00d2651dda244a020e753
SHA256

d28664ae646347d5125334021b2ec143650d278e41788ef8b6bded0526c7a96c
SHA512

7ba1b77cf422419ea01b1bd8601a8fc4be92aa613409626f512dad6275513b25a7ce3c50f186658a4f0ff0177683a3dbb3f5148ccb5987bcd361ac934b544c35
SSDEEP

12288:TgzvuJ9aCRXuV1KFwp/OZU5dphVi9OAcUF:T4vuaCpc1wwUop1q

Score

N/A

Malware Config

Signatures

Files

d28664ae646347d5125334021b2ec143650d278e41788ef8b6bded0526c7a96c
.dll windows x86

c6352422e90da840119f67f10e592a93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GetWindowsDirectoryA
LoadLibraryA
QueryPerformanceCounter
GetStartupInfoA
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
WaitForSingleObject
lstrlenA
GetProcessPriorityBoost
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFullPathNameA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
CreateProcessA
CopyFileA
SetLastError
CloseHandle

user32

SetForegroundWindow
SendMessageA
PostMessageA
PeekMessageA
MessageBoxA
LoadIconA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetClientRect
FindWindowA
ExitWindowsEx
EnableWindow
DrawIcon
DispatchMessageA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
ControlService
EqualSid
FreeSid
GetSecurityDescriptorControl
GetTokenInformation
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SystemFunction029
AdjustTokenGroups

msvcrt

_CIacos
_XcptFilter
__CxxFrameHandler
__dllonexit
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_finite
_initterm
_ismbblead
_memccpy
_onexit
_setmbcp
_strdate
_strnicmp
_strupr
_wfsopen
exit
sprintf
srand
strncpy
strstr

Exports

Exports

GetBuffer
Int_AsLong
RuntimeWarning
SetEncodingAndErrors
free_default

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6352422e90da840119f67f10e592a93

Headers

File Characteristics

Imports

kernel32

user32

shell32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 223KB - Virtual size: 223KB

.data Size: 108KB - Virtual size: 109KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 223KB - Virtual size: 223KB

.data
Size: 108KB - Virtual size: 109KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 6KB - Virtual size: 5KB