dedbd277c6ddd6c53cc38267347e01dd3603dc334a10ae7790318d6aafcbabd5

Sharing

Copy URL Twitter E-mail

General

Target

dedbd277c6ddd6c53cc38267347e01dd3603dc334a10ae7790318d6aafcbabd5
Size

392KB
MD5

bddd0a82a47200cc26208dec931f1ae0
SHA1

785d6bd151160fde926a5c36bdd0c3ed33304b58
SHA256

dedbd277c6ddd6c53cc38267347e01dd3603dc334a10ae7790318d6aafcbabd5
SHA512

1d07ce1b917f7e873e3521394263308400635fa46a2d84b76d137e4f64b1068eb0e6edb861d0d8a7096a65cfb73b9fa153e9bd849594b7d030e45de939d7d9da
SSDEEP

12288:jxyywvy+rQ518BCne2Qix0I/VqHuhnEWk:jTQBrq18BQuix0wwHuK

Score

N/A

Malware Config

Signatures

Files

dedbd277c6ddd6c53cc38267347e01dd3603dc334a10ae7790318d6aafcbabd5
.dll windows x86

d96d8156d8b287505f26dccc0653940f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
SetPrivateObjectSecurity
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

oleaut32

SysStringLen
UnRegisterTypeLi
VarUI4FromStr
SysFreeString
SysAllocString
LoadTypeLi
RegisterTypeLi

ole32

CoInitializeEx
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoUninitialize
CoTaskMemRealloc

kernel32

UnhandledExceptionFilter
GlobalAlloc
WaitForSingleObject
GetLastError
GetTickCount
WideCharToMultiByte
LoadResource
LocalAlloc
EnterCriticalSection
RaiseException
CloseHandle
GetDateFormatA
InterlockedCompareExchange
GetModuleHandleW
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
MultiByteToWideChar
GetCurrentThreadId
ReadFile
LocalFree
FreeLibrary
Sleep
GetModuleFileNameW
GetThreadLocale
InitializeCriticalSection
SetEvent
TerminateProcess
CreateMutexW
CreateFileW
InterlockedDecrement
SetUnhandledExceptionFilter
GetCurrentProcessId
GetModuleHandleA
GetSystemTimeAsFileTime
DeviceIoControl
DeleteCriticalSection
GlobalFree
lstrlenW
VirtualAlloc
lstrcmpiW
CreateEventW
QueryPerformanceCounter
GetVersionExA

shell32

ShellExecuteW

Exports

Exports

GenericSetAttr
GetItem
Number_Remainder
StreamWriter

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d96d8156d8b287505f26dccc0653940f

Headers

File Characteristics

Imports

advapi32

oleaut32

ole32

kernel32

shell32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 12KB - Virtual size: 10KB