61d5b8c5fe00e16905845e6f5a672b3c80bb63886c7d0ac6bf9e3f2f25d69f0e

Sharing

Copy URL Twitter E-mail

General

Target

61d5b8c5fe00e16905845e6f5a672b3c80bb63886c7d0ac6bf9e3f2f25d69f0e
Size

56KB
MD5

a1f5c2340289a27a5fe38300f9d99790
SHA1

0a4074046b2923e107c67bbb8e370c6ec85eed04
SHA256

61d5b8c5fe00e16905845e6f5a672b3c80bb63886c7d0ac6bf9e3f2f25d69f0e
SHA512

08f4ef2b0ee2a02673ab9809d2a4d88900125d6b2d252a8671aace702ac9769f22a216960e42a41bcd95f9955abfb71cf75ad4e432bc3acbc9c3b6ce727a107b
SSDEEP

768:o6H3XTYIstsIxUNNtYr8YDTQi6r5GLYCz9CRenchlirazmwhv:NH3XMIstXxUuDTQi6NGFB5Mliu6A

Score

N/A

Malware Config

Signatures

Files

61d5b8c5fe00e16905845e6f5a672b3c80bb63886c7d0ac6bf9e3f2f25d69f0e
.dll windows x86

077a31001b35eb043b039c9b407c8a86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
SetFilePointer
CreateFileA
GetLastError
GetCurrentProcess
GetFileSize
VirtualQuery
ReadFile
WinExec
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
GetVersionExA
ExitProcess
CreateMutexA
CreateThread
GetModuleFileNameA
OpenProcess
GetSystemDirectoryA
DeleteCriticalSection
SetHandleCount
TerminateProcess
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
InitializeCriticalSection
CloseHandle
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapCreate
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
IsBadWritePtr
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
GetCPInfo

user32

SetForegroundWindow
ShowWindow
FindWindowA
EnableWindow
GetDlgItem
DialogBoxParamA
MessageBoxA
SendMessageA
SetDlgItemTextA
IsWindow
GetWindowTextA
PostMessageA
SetFocus
SetWindowTextA
EndDialog
GetWindowRect
WindowFromPoint

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyExA

psapi

EnumProcessModules
GetModuleFileNameExA

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

077a31001b35eb043b039c9b407c8a86

Headers

File Characteristics

Imports

kernel32

user32

advapi32

psapi

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 728B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 728B

.reloc
Size: 4KB - Virtual size: 3KB