aa005bd0b86894cf7f935a26225d1df00d3e19e96add26fe49500d871e57eb43

Sharing

Copy URL Twitter E-mail

General

Target

aa005bd0b86894cf7f935a26225d1df00d3e19e96add26fe49500d871e57eb43
Size

112KB
MD5

c77f0ccef603f36a29ce10731decf591
SHA1

94d812a2d6702a7e9a05a91f70b565e56f95f454
SHA256

aa005bd0b86894cf7f935a26225d1df00d3e19e96add26fe49500d871e57eb43
SHA512

328686de9a24472f581e8cde5c2293067ea0c33b72c597bfbc7e8c99bbc67ecf58428132e9d6ab85653316481c331c40cd54d6b0363b534a43d452f56efbfa4d
SSDEEP

3072:0GsjR9Y7JzDSouoc30S5lWMmzxRwLFJUkrYF:7I9gzK3r5lWaJUkc

Score

N/A

Malware Config

Signatures

Files

aa005bd0b86894cf7f935a26225d1df00d3e19e96add26fe49500d871e57eb43
.dll windows x86

0151acd3bd258101aff6eb065d368be0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
LookupAccountSidW
RegSetValueExW
FreeSid
RegDeleteKeyA
RegEnumValueA
RegDeleteKeyW
InitializeSecurityDescriptor
RegCreateKeyW
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegEnumKeyExW

kernel32

GetModuleHandleA
IsValidLocale
VirtualAlloc
GetProcAddress
GetHandleInformation
LoadLibraryA
GetCurrentProcessId
VirtualQuery
CloseHandle
LocalAlloc
GetVersionExW
GetSystemTime
lstrcatA
GetLocaleInfoW
lstrcmpW
GetShortPathNameW
WriteFile
InterlockedCompareExchange
FileTimeToLocalFileTime
HeapDestroy
lstrcpyA
IsBadStringPtrW
CreateFileMappingA
HeapSize
CreateDirectoryW
GetModuleHandleW
SetThreadPriority
HeapCreate
CompareStringA
lstrcmpiW
CopyFileA
FreeLibrary
CreateThread
ResetEvent
InterlockedIncrement
GetConsoleCP
GetTempFileNameW
EnumSystemLocalesA
CreateProcessW
CreateMutexW
GetLastError
SetErrorMode
Sleep
lstrlenW
ExitProcess
HeapAlloc
GetCommandLineA
GetVersion
VirtualFree
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

Jrjlmxdluza

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0151acd3bd258101aff6eb065d368be0

Headers

File Characteristics

Imports

advapi32

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 55KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 55KB

.reloc
Size: 8KB - Virtual size: 4KB