ddd2b9daef6859b75376ba87ae33e9d31b40afb280db77eeb11b1f3af6358a88

Sharing

Copy URL Twitter E-mail

General

Target

ddd2b9daef6859b75376ba87ae33e9d31b40afb280db77eeb11b1f3af6358a88
Size

80KB
MD5

31e8b86e491aa15ac0991c2146571a90
SHA1

085f84c1a7e0242b520f83ea79a98bac5819f948
SHA256

ddd2b9daef6859b75376ba87ae33e9d31b40afb280db77eeb11b1f3af6358a88
SHA512

d9af0200d958072e6c2acee5b7e42be3f6f1276c40e6072c307078e80e69c17f30c60c09beea0d89de4fe133e3d86c4dca8a258596fb3dff6516045310e1ed9f
SSDEEP

1536:nCVN6Q0FkHhzMm/xh+MAmKaZfkp6On5XCu7:9UtX/xuCZfkp6On5T

Score

N/A

Malware Config

Signatures

Files

ddd2b9daef6859b75376ba87ae33e9d31b40afb280db77eeb11b1f3af6358a88
.dll windows x86

ae54c4b0589230acc596bd6e8636d740

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
lstrcpyA
IsDBCSLeadByteEx
GetLogicalDriveStringsA
GetTimeFormatW
GetLocaleInfoA
CreateWaitableTimerW
GetOverlappedResult
FindNextVolumeW
CreateConsoleScreenBuffer
SetWaitableTimer
VirtualUnlock
BackupWrite
GetExitCodeThread
GetProfileStringA
GetLargestConsoleWindowSize
RegisterWaitForSingleObjectEx
CreateTimerQueueTimer
WriteFile
ReadFileEx
SwitchToThread
HeapUnlock
EnumSystemLocalesA
GetProcessVersion
lstrcmpiW
GetShortPathNameA
GetUserDefaultUILanguage
SetTimeZoneInformation
GetStringTypeExW
ReleaseActCtx
EnumResourceLanguagesW
UnregisterWaitEx
GetSystemTime
CreateThread
LocalAlloc
ClearCommBreak
GetProcessHeap
InterlockedCompareExchange
SetLastError
VirtualQuery
ExitProcess
GetModuleHandleA
LoadLibraryA
CloseHandle
OpenEventA
LocalFree
Sleep
GlobalAlloc
CreateProcessA
InterlockedDecrement
GetSystemDirectoryA
GetProcAddress
ReplaceFileW
GetModuleFileNameA

oleaut32

SysAllocString
SysFreeString

advapi32

ElfRegisterEventSourceW
GetEffectiveRightsFromAclW
CloseEventLog
RegCreateKeyA
RegRestoreKeyA
RegEnumKeyW
CredUnmarshalCredentialW
StartServiceW
RegSetValueA
RegEnumValueA
BuildExplicitAccessWithNameW
DeregisterEventSource
RegEnumKeyExW
RegOpenKeyExA
ClearEventLogW
RegLoadKeyA
SaferSetLevelInformation

shell32

SHAppBarMessage
DragQueryFileW
SHAddToRecentDocs

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae54c4b0589230acc596bd6e8636d740

Headers

File Characteristics

Imports

kernel32

oleaut32

advapi32

shell32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB