9043c9e14b5c9bfc3e1cd0a522f60661c3eb7648f4d36566b0e2de0208e49889

Sharing

Copy URL Twitter E-mail

General

Target

9043c9e14b5c9bfc3e1cd0a522f60661c3eb7648f4d36566b0e2de0208e49889
Size

125KB
MD5

d2721ddaaaeceba4bdd1cd3d090b01ca
SHA1

2bd0025843b349ba98ce9f06f06e9ea060fbcdba
SHA256

9043c9e14b5c9bfc3e1cd0a522f60661c3eb7648f4d36566b0e2de0208e49889
SHA512

6d75ba80e2459f688a76c5c7802426e63c30cf32d7e021781d236314da55467e5000ad001766b7d28d94823c924cd09028c235991262b0f762b4336b5742bc4b
SSDEEP

1536:feNnNQ+Qh+TWZY8wpQPFaBAcnPY2T6kQScZcVL/fi2U49J/rFZA7U2b9dtaSR:p+epp8BAcDzcZKLni2UMLZA7U2E

Score

N/A

Malware Config

Signatures

Files

9043c9e14b5c9bfc3e1cd0a522f60661c3eb7648f4d36566b0e2de0208e49889
.dll windows x86

d3c141bd9c408c2db1069a743cb1359c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReleaseMutex
GetModuleHandleA
GetSystemInfo
WaitForMultipleObjects
DisconnectNamedPipe
GetStartupInfoA
GlobalUnlock
GlobalAlloc
SetFilePointer
UnmapViewOfFile
HeapAlloc
ExitProcess
lstrlenA
MoveFileA
ReadFile
RemoveDirectoryA
GetProcAddress
LocalFree
FindClose
CreateDirectoryA
GetLastError
GetVersionExA
lstrcmpA
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
lstrcpyA
LoadLibraryA
RaiseException
InterlockedExchange
LocalAlloc

advapi32

GetLengthSid
GetTokenInformation
LookupAccountSidA
DuplicateTokenEx
CreateProcessAsUserA
RegDeleteValueA
RegDeleteKeyA
RegEnumValueA
RegEnumKeyExA
InitializeSecurityDescriptor
AllocateAndInitializeSid
AddAccessAllowedAce
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
LsaFreeMemory
LsaClose
LsaRetrievePrivateData
LsaOpenPolicy

msvcrt

malloc
strcmp
_except_handler3
strncpy
wcscpy
strncat
realloc
strcpy
_beginthreadex
calloc
free
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
strcat
strchr
memcmp
_CxxThrowException
memmove
strstr
strlen
_ftol
__CxxFrameHandler
wcstombs
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
_strnset
_strnicmp
_strcmpi

msvcp60

??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1_Winit@std@@QAE@XZ

Exports

Exports

CaseKijj
DweJCed
JassNiee
Longer
Qksixmkd
XjewwKif
main

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3c141bd9c408c2db1069a743cb1359c

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

msvcp60

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 10KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 10KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 7KB - Virtual size: 6KB