ac48a8834cc71b8eafa4b4fd996e2ccd1d88a077a83557a8b7a6000e2d419af1

Sharing

Copy URL Twitter E-mail

General

Target

ac48a8834cc71b8eafa4b4fd996e2ccd1d88a077a83557a8b7a6000e2d419af1
Size

130KB
MD5

5e2d64ac24ae430513cca6c80d3479a2
SHA1

117bcf073265172338722ff55aef0798d0e27678
SHA256

ac48a8834cc71b8eafa4b4fd996e2ccd1d88a077a83557a8b7a6000e2d419af1
SHA512

57d8929cd0ba8fc569aed7086c6791774774f63f5d4fa8a65e8a78c4148fea20efaf6ecb000b1dbab5fe6ff0fbb1abcf3cb5693a3d72358e672ff41c3d723c8d
SSDEEP

3072:8nW+eHhmcm7kyjM+pvBf0E3cjVhzHai+lobgjKIGa:8nfeBmczy/wtrFbgN

Score

N/A

Malware Config

Signatures

Files

ac48a8834cc71b8eafa4b4fd996e2ccd1d88a077a83557a8b7a6000e2d419af1
.dll windows x86

b14add2624082a01b743bf4ade6e1cd8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionA

kernel32

GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetLastError
GetModuleHandleA
FreeLibrary
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
GetCurrentThreadId
DisableThreadLibraryCalls
GetThreadLocale
GetModuleFileNameA
IsDBCSLeadByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
ReleaseMutex
CreateMutexA
GetLocaleInfoA
GetACP
InterlockedExchange
SetThreadPriority
OpenProcess
GetFileTime
CreateMutexW
CreateFileMappingA
CreateFileMappingW
UnmapViewOfFile
VirtualFree
GetSystemDirectoryW
UnlockFileEx
SetVolumeLabelW
SetFileAttributesW
SetCurrentDirectoryW
SearchPathW
RemoveDirectoryW
QueryDosDeviceW
PostQueuedCompletionStatus
MoveFileExW
FlushViewOfFile
MapViewOfFile
FileTimeToSystemTime
LocalFileTimeToFileTime
lstrcpynA
MoveFileW
LockFileEx
GetVolumeInformationW
GetTempPathW
GetTempFileNameW
GetShortPathNameW
GetQueuedCompletionStatus
GetModuleFileNameW
GetLogicalDriveStringsW
GetFullPathNameW
GetFileAttributesW
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentDirectoryW
GetCompressedFileSizeW
GetBinaryTypeW
FindNextFileW
FindFirstFileW
FindFirstChangeNotificationW
DeleteFileW
DefineDosDeviceW
CreateIoCompletionPort
CreateFileW
CreateDirectoryExW
CreateDirectoryW
CopyFileW
GetSystemDirectoryA
WriteFileEx
WriteFile
UnlockFile
SetVolumeLabelA
SetFilePointer
SetFileAttributesA
SetFileApisToOEM
SetFileApisToANSI
SetEndOfFile
SetCurrentDirectoryA
SearchPathA
ReadFileEx
ReadFile
MoveFileA
LockFile
GetVolumeInformationA
GetTempPathA
GetTempFileNameA
GetShortPathNameA
IsBadWritePtr
IsBadReadPtr
GetUserDefaultLCID
SetEvent
TerminateThread
Sleep
WaitForMultipleObjects
CreateThread
CloseHandle
WaitForSingleObject
CreateEventA
lstrcmpA
lstrcpyA
HeapAlloc
HeapDestroy
HeapFree
HeapCreate
lstrcatA
GetEnvironmentVariableW
PulseEvent
ResetEvent
CreateSemaphoreA
ReleaseSemaphore
ExitThread
ResumeThread
GetCurrentThread
LocalAlloc
LocalFree
SystemTimeToFileTime
GetSystemTime
CompareFileTime
GetProcAddress
SetLastError
FindClose
GetSystemDefaultLCID
FindResourceExA
AreFileApisANSI
CopyFileA
CreateDirectoryA
CreateDirectoryExA
CreateFileA
DeleteFileA
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileA
FindNextChangeNotification
FindNextFileA
FlushFileBuffers
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameA
GetLogicalDrives
GetLogicalDriveStringsA
RemoveDirectoryA

oleaut32

VariantTimeToSystemTime
SafeArrayPutElement
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreate
VarCmp
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SysReAllocString
GetErrorInfo
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VariantCopy
SysAllocStringByteLen
SetErrorInfo
VariantChangeType
VariantInit
SysStringByteLen
SysFreeString

ole32

ReleaseStgMedium
CoInitializeEx
CoFileTimeNow
CLSIDFromProgID
CoMarshalInterThreadInterfaceInStream
StringFromGUID2
CoCreateInstance
CoUnmarshalInterface
CreateStreamOnHGlobal
CoMarshalInterface
CoGetInterfaceAndReleaseStream
CoReleaseMarshalData
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoGetMalloc
StringFromCLSID
CLSIDFromString
CoCreateFreeThreadedMarshaler
CoGetClassObject

Sections

.text
Size: 91KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b14add2624082a01b743bf4ade6e1cd8

Headers

File Characteristics

Imports

shlwapi

kernel32

oleaut32

ole32

Sections

.text Size: 91KB - Virtual size: 160KB

.bss Size: - Virtual size: 192KB

.pdata Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.tls Size: 4KB - Virtual size: 4KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 91KB - Virtual size: 160KB

.bss
Size: - Virtual size: 192KB

.pdata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.tls
Size: 4KB - Virtual size: 4KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 20KB - Virtual size: 20KB