bb64abd1171891f0447cf9887452867a562179b8b323da3904b4beca85a3e117

Sharing

Copy URL Twitter E-mail

General

Target

bb64abd1171891f0447cf9887452867a562179b8b323da3904b4beca85a3e117
Size

372KB
MD5

caa86ca0d9fe265b5f19583f7107fe20
SHA1

ae1204a2f6277ec67f1160c6b815f27b65c7a952
SHA256

bb64abd1171891f0447cf9887452867a562179b8b323da3904b4beca85a3e117
SHA512

3b6c62e964548228d3b8d25d45699a1929fb86ea688939f98a77e1a395ffcb6a8549569de31034529a6370438546856d369393d6b4519506aa4d29d08566072d
SSDEEP

6144:kTk3TVDixja5ZO6aWGfTYYVoFZ2x4AKhPj9JbhKXU3cqDPYdJtRdbd:2w4G5hadfMYViZ2x/K79RIKNPYTX

Score

N/A

Malware Config

Signatures

Files

bb64abd1171891f0447cf9887452867a562179b8b323da3904b4beca85a3e117
.dll windows x86

f1a82a39761c967d02ef3ad4db90a3cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
CryptGetKeyParam
RegSetValueExW
RegQueryValueExW
RegCloseKey

oleaut32

RegisterTypeLi
SysStringLen
UnRegisterTypeLi
VarUI4FromStr
LoadTypeLi
SysAllocString
SysFreeString

ole32

CoTaskMemAlloc
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemRealloc

shell32

ShellExecuteW

kernel32

SetEvent
CloseHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeLibrary
lstrlenW
InterlockedIncrement
QueryPerformanceCounter
LocalAlloc
TerminateProcess
GetLastError
GetCurrentProcessId
LocalFree
InitializeCriticalSection
GetModuleHandleW
LoadResource
GetVersionExA
DeleteCriticalSection
CreateFileW
GlobalFree
InterlockedDecrement
InterlockedExchange
GetSystemTimeAsFileTime
ReadFile
WideCharToMultiByte
DeviceIoControl
InterlockedCompareExchange
GetDateFormatA
EnterCriticalSection
WaitForSingleObject
GetModuleHandleA
MultiByteToWideChar
Sleep
GetTickCount
LeaveCriticalSection
GetCurrentThreadId
VirtualAlloc
lstrcmpiW
GlobalAlloc
GetModuleFileNameW
CreateMutexW
RaiseException

Exports

Exports

Clear
Fetch
InteractLoopFlags
Module_GetName
Unicode
permit_mng_features
set_flush
set_sCAL
vGetToken

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1a82a39761c967d02ef3ad4db90a3cc

Headers

File Characteristics

Imports

advapi32

oleaut32

ole32

shell32

kernel32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 68KB - Virtual size: 66KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 68KB - Virtual size: 66KB

.reloc
Size: 8KB - Virtual size: 6KB