3a406e7e0d5b839eb18f2071e3b44546f2fe1963e7b58dbb5428e0a3093a603c

Sharing

Copy URL Twitter E-mail

General

Target

3a406e7e0d5b839eb18f2071e3b44546f2fe1963e7b58dbb5428e0a3093a603c
Size

116KB
MD5

3314ae2180912d6ceaa566121c2c0cb0
SHA1

056ef283618d2194c8cfa8da85c6b2dbc58bf99a
SHA256

3a406e7e0d5b839eb18f2071e3b44546f2fe1963e7b58dbb5428e0a3093a603c
SHA512

328451d0085e0993c37bc67b08dbb96bfba18bc38018e6be7d1d0c438417377885eb31b8cf0acc72c5d25fd482cff3d62cd55c0683460fb216cf8908c690fd71
SSDEEP

3072:B+VG4jVEJWZoonWWQlEQWktY9GTWtLNz7Jgtqf:os4j2We3RWQSsWH7J

Score

N/A

Malware Config

Signatures

Files

3a406e7e0d5b839eb18f2071e3b44546f2fe1963e7b58dbb5428e0a3093a603c
.dll windows x86

00d7f6053fd80decd169fde3bb291466

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ord28
ord131
ord89
ord240
ord2

comctl32

ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_LoadImageW
ImageList_Create

msvcrt

isxdigit
islower
iswspace
_mbctoupper
_exit
strchr
isspace
wcschr

shlwapi

PathIsUNCServerShareA
PathIsDirectoryW
PathIsPrefixA
ord29
ChrCmpIW
PathRemoveBackslashA
StrCmpNIA
PathRemoveExtensionW

wininet

InternetCrackUrlW
InternetSetOptionA
InternetFindNextFileA
HttpSendRequestA
InternetFindNextFileW
InternetCrackUrlA

kernel32

lstrcmpA
GetProfileIntW
GetDriveTypeA
GetEnvironmentVariableA
GetStringTypeExA
SetCurrentDirectoryA
ReleaseMutex
SetLastError

user32

OpenInputDesktop
IsClipboardFormatAvailable
GetTopWindow
GetMenuItemID
CloseClipboard
GetDesktopWindow
CharToOemBuffW
BroadcastSystemMessageA
AllowSetForegroundWindow

gdi32

CreateFontIndirectA
GetTextExtentPointA
RestoreDC
SetViewportExtEx
DeleteEnhMetaFile
Escape
PtInRegion

comdlg32

ChooseColorW
GetFileTitleA
ChooseColorA
FindTextA

advapi32

StartServiceW
RegCreateKeyExW
RegRestoreKeyW
QueryServiceLockStatusW

ole32

CLSIDFromProgID
CoRevertToSelf
OleConvertIStorageToOLESTREAM
OleLoadFromStream
CoInitializeEx
RevokeDragDrop

Exports

Exports

?GreatDataAvailable@@YGKK@Z

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.packed
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00d7f6053fd80decd169fde3bb291466

Headers

File Characteristics

Imports

shell32

comctl32

msvcrt

shlwapi

wininet

kernel32

user32

gdi32

comdlg32

advapi32

ole32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 36KB

.packed Size: 17KB - Virtual size: 17KB

.data Size: 7KB - Virtual size: 369KB

.rdata Size: 37KB - Virtual size: 36KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 36KB

.packed
Size: 17KB - Virtual size: 17KB

.data
Size: 7KB - Virtual size: 369KB

.rdata
Size: 37KB - Virtual size: 36KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 4KB