996a56fed97f069f176df81212ebc4269f11b0af77f57d62def33eb3e627a9fe

Sharing

Copy URL Twitter E-mail

General

Target

996a56fed97f069f176df81212ebc4269f11b0af77f57d62def33eb3e627a9fe
Size

113KB
MD5

f00d9d9115a0c2b4f47f4294c44afb0e
SHA1

7cce21bd97589e66ab5ef55e5e10ff6b620548f4
SHA256

996a56fed97f069f176df81212ebc4269f11b0af77f57d62def33eb3e627a9fe
SHA512

07ad1b17f2d8bb09c360da333c370f0cff6c11aaa65cd239baad69eb3ce131c49f47eaaee681c6fa53c8ca24740dee8bb5d66585bb42910632c8a006fcbc3f53
SSDEEP

3072:anoDt/054yxG3eKj/LIR2uHiQD/Dn8pRg02:awKbweECbMpRg

Score

N/A

Malware Config

Signatures

Files

996a56fed97f069f176df81212ebc4269f11b0af77f57d62def33eb3e627a9fe
.dll windows x86

8702b94139281659d00f9aae4f02583e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ControlTraceA
CryptAcquireContextA
CryptContextAddRef
CryptCreateHash
CryptDeriveKey
CryptDestroyHash
CryptDestroyKey
CryptDuplicateHash
CryptExportKey
CryptGenKey
CryptGenRandom
CryptGetHashParam
CryptGetProvParam
CryptHashData
CryptHashSessionKey
CryptImportKey
CryptSetProvParam
CryptVerifySignatureA
DecryptFileW
DeregisterEventSource
ElfRegisterEventSourceW
ElfReportEventA
EnumServicesStatusExW
LookupSecurityDescriptorPartsW
ReportEventW
RevertToSelf

gdi32

GetBrushOrgEx
LineTo
gdiPlaySpoolStream
GdiGetPageHandle

kernel32

LoadResource
FindResourceA
GetCommandLineA
VirtualAlloc
DeleteCriticalSection
EnterCriticalSection
GetLastError
GetTickCount
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryW
LocalAlloc
LocalFree
VirtualFree
WriteProfileSectionA
lstrcatA
lstrcmpiA
lstrlenA
lstrlenW
CompareStringW
CompareStringA
GetLocaleInfoW
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
SetEnvironmentVariableA
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetCurrentThreadId
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
UnhandledExceptionFilter
WriteFile
FatalAppExitA
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
IsBadWritePtr
RtlUnwind
VirtualQuery
LoadLibraryA
HeapSize
GetTimeFormatA

ole32

CoImpersonateClient
CoAllowSetForegroundWindow
HBITMAP_UserUnmarshal

oleaut32

VarR8FromBool
VarUI2FromDisp
VarR4FromR8

rpcrt4

I_RpcBindingInqDynamicEndpointA
NdrDllUnregisterProxy
RpcObjectSetInqFn
NdrConformantArrayMemorySize

user32

MapVirtualKeyExW
OemToCharBuffW
SetWindowContextHelpId
TranslateAcceleratorW
LoadCursorA
GetWindowTextA
CharUpperW

Exports

Exports

OENGQVD

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8702b94139281659d00f9aae4f02583e

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

rpcrt4

user32

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 28KB - Virtual size: 27KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 28KB - Virtual size: 27KB

.reloc
Size: 4KB - Virtual size: 4KB