fd83a2aa0f4680b9b4dedc38451322eb781e2ab963b2340e564b9b336a251d37

Sharing

Copy URL Twitter E-mail

General

Target

fd83a2aa0f4680b9b4dedc38451322eb781e2ab963b2340e564b9b336a251d37
Size

87KB
MD5

cdb7f3a6926305b6fa53ef8bec25fce0
SHA1

535ededec9eac63b46bac422d33213cc7f05224f
SHA256

fd83a2aa0f4680b9b4dedc38451322eb781e2ab963b2340e564b9b336a251d37
SHA512

771eee75e90fb239769e43175a12c36588ea396a6fc8fbcf4979342c62c95f793ccd6f40b89f5ec55c5ba72ee4672a69176a676fa5d4d9b6df50a115dd742fec
SSDEEP

1536:/hq19sK8YLZDshpki+fAIC+YNnfMTGC+UBYhCTcEkzT8l0Qx9IIVN/out2:5q19p7LZIX/gzYp06JUBO03kn8yQx9II

Score

N/A

Malware Config

Signatures

Files

fd83a2aa0f4680b9b4dedc38451322eb781e2ab963b2340e564b9b336a251d37
.dll windows x86

2b10ac0857897c5d287de8290bb2a647

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathMakeSystemFolderW
PathIsDirectoryEmptyA
SHDeleteValueW
StrStrA
PathFileExistsA
StrChrW
StrRetToStrA
PathIsContentTypeW
PathIsUNCServerShareW
PathRemoveBlanksW
StrRChrA
PathIsRelativeA
ColorHLSToRGB
AssocQueryKeyW
PathUnmakeSystemFolderA
UrlUnescapeA
SHCopyKeyW
PathAppendA
UrlEscapeW
SHRegGetPathW
UrlCanonicalizeA
PathIsDirectoryW
ColorRGBToHLS
PathFindExtensionA
StrFormatKBSizeW
SHRegCloseUSKey
PathCreateFromUrlW
StrChrIW
PathMakePrettyW
StrDupW
StrCSpnW
SHOpenRegStreamW
PathMakePrettyA
PathGetCharTypeW

kernel32

GetCurrencyFormatW
CompareStringW
GetVersionExA
MoveFileExW
IsBadWritePtr
BeginUpdateResourceA
ReadFileEx
DisconnectNamedPipe
QueryPerformanceFrequency
CreateDirectoryW
FindFirstVolumeA
CreateJobObjectW
SetComputerNameExW
RemoveDirectoryW
EnumResourceNamesA
GetEnvironmentVariableW
GetCurrencyFormatA
GlobalFix
SetHandleCount
GetTempPathA
MapUserPhysicalPagesScatter
CopyFileExA
GetLastError
DeleteTimerQueueEx
FillConsoleOutputAttribute
ClearCommBreak
lstrcmpA
VirtualAlloc
GetLogicalDrives
SetConsoleMode
MulDiv
GlobalUnfix
GetSystemTime

ole32

HICON_UserUnmarshal
OleRegGetMiscStatus
ProgIDFromCLSID
PropVariantClear
StgCreatePropSetStg
OleCreateMenuDescriptor
StgIsStorageILockBytes
HMENU_UserMarshal
OleUninitialize
CoTaskMemFree
CoQueryClientBlanket
OleCreateLinkEx
OleCreateStaticFromData
FmtIdToPropStgName
CoMarshalHresult
HDC_UserSize

advapi32

LookupPrivilegeDisplayNameA
AccessCheckAndAuditAlarmA
LookupAccountSidW
InitializeAcl

shell32

SHGetDiskFreeSpaceExW
FindExecutableW
SHFileOperationA
SHFreeNameMappings
FindExecutableA
SHEmptyRecycleBinA
CommandLineToArgvW
SHLoadNonloadedIconOverlayIdentifiers

winmm

joyGetPos
midiInGetNumDevs
auxGetVolume
waveInReset
waveOutGetErrorTextA
midiOutClose
auxSetVolume
mixerClose
midiStreamProperty
timeEndPeriod
midiOutSetVolume
joyGetThreshold
mixerGetControlDetailsA
joyGetPosEx
midiStreamRestart
waveInStart
midiOutUnprepareHeader
mmioSeek
mmioWrite
mmioAdvance
midiOutCachePatches
midiOutGetNumDevs
auxGetDevCapsW
midiOutLongMsg
midiInGetErrorTextA
mixerGetLineControlsA
mciSendStringA
midiOutGetDevCapsA
OpenDriver
mmioDescend
waveInOpen
midiInStart

Exports

Exports

FiAcctivatteDesktop
FiBBeginCClipboardState
FiChangeHandleePositiooon
FiChanggeDeskktop

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b10ac0857897c5d287de8290bb2a647

Headers

File Characteristics

Imports

shlwapi

kernel32

ole32

advapi32

shell32

winmm

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 44KB

.data Size: 32KB - Virtual size: 60KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 45KB - Virtual size: 44KB

.data
Size: 32KB - Virtual size: 60KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB