2120f90566a6741fd5c354df5748abd81cb1610b1c352d0e0aef645104f3acd3

Sharing

Copy URL Twitter E-mail

General

Target

2120f90566a6741fd5c354df5748abd81cb1610b1c352d0e0aef645104f3acd3
Size

568KB
MD5

e91a63794cfb5c9540ebe7701b35e560
SHA1

9a09cf95cfe9bddbe5faf9593ea6d4374b04ea1e
SHA256

2120f90566a6741fd5c354df5748abd81cb1610b1c352d0e0aef645104f3acd3
SHA512

616a97289c5a4e8a9e5de956b86ffa083d2db2fe233bc8d7be04ba6cf8ed65d44da6828c9b06660c5b1d90c046560822d3fb6d01dbde3dd4bdd9766bf2c680e0
SSDEEP

12288:3RSqXYR+8wFQpPYIhm6Vs71y1bmeagGJvCvaHnK:doY5FOYIfVq1ybmeagGoe

Score

N/A

Malware Config

Signatures

Files

2120f90566a6741fd5c354df5748abd81cb1610b1c352d0e0aef645104f3acd3
.dll windows x86

7746840b41752e1a11455ac381092657

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegQueryInfoKeyW
CryptGetKeyParam
RegCloseKey
RegSetValueExW
RegEnumKeyExW

kernel32

ReadFile
WaitForSingleObject
GetModuleFileNameW
VirtualAlloc
CloseHandle
GetTickCount
GetDateFormatA
UnhandledExceptionFilter
LeaveCriticalSection
GetLastError
RaiseException
GetVersionExA
SetEvent
InterlockedCompareExchange
CreateMutexW
LocalAlloc
TerminateProcess
Sleep
GetModuleHandleW
lstrlenW
MultiByteToWideChar
LocalFree
FreeLibrary
DeleteCriticalSection
GlobalAlloc
GetModuleHandleA
WideCharToMultiByte
LoadResource
GetCurrentProcessId
InterlockedDecrement
InitializeCriticalSection
EnterCriticalSection
SetUnhandledExceptionFilter
GlobalFree
DeviceIoControl
CreateFileW
InterlockedIncrement
InterlockedExchange
lstrcmpiW
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter

oleaut32

VarUI4FromStr
RegisterTypeLi
SysAllocString
SysFreeString
SysStringLen
UnRegisterTypeLi
LoadTypeLi

ole32

CoTaskMemRealloc
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoInitializeEx
CoCreateInstance

shell32

ShellExecuteW

Exports

Exports

GenericSetAttr
List_Type
get_pixels_per_meter
get_unknown_chunks

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7746840b41752e1a11455ac381092657

Headers

File Characteristics

Imports

advapi32

kernel32

oleaut32

ole32

shell32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 164KB - Virtual size: 162KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 164KB - Virtual size: 162KB

.reloc
Size: 8KB - Virtual size: 7KB