b01ea65594d0f31c5ca2c083554c3f9dbd3b566efde526483202b0d47c15a600

Sharing

Copy URL Twitter E-mail

General

Target

b01ea65594d0f31c5ca2c083554c3f9dbd3b566efde526483202b0d47c15a600
Size

466KB
MD5

f4626328e4c1bb7bf15aa2553f464560
SHA1

4fe179970d5ca707ac9fd15877bd0b71eb8f05e2
SHA256

b01ea65594d0f31c5ca2c083554c3f9dbd3b566efde526483202b0d47c15a600
SHA512

d5c10937edb3ed063315abfc3a124088069e40f23a4c6fe83f585d97b635e4e5879003c373d4a7a383297c6451ed1339841d71021d4f287bcb5943dddf02cb58
SSDEEP

6144:TUmu9O/t+f33bMp/PoSNye/yeMWxER8Z18znSxIf2g1LB1yeLt8AKBCy5wvxbj/V:Ah0/tAUPBP/yeM708exaGSKEQAxbog

Score

N/A

Malware Config

Signatures

Files

b01ea65594d0f31c5ca2c083554c3f9dbd3b566efde526483202b0d47c15a600
.dll windows x86

82d81b2e38166fb01c44afca13331e09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA

advapi32

GetTokenInformation
SystemFunction014
RegSetValueExA
RegDeleteKeyA
AdjustTokenPrivileges
AllocateAndInitializeSid
AreAnyAccessesGranted
ControlService
CryptGetProvParam
EqualSid
OpenProcessToken
OpenSCManagerA
OpenServiceA
QueryServiceStatus
RegCloseKey
RegCreateKeyExA

user32

DdeClientTransaction
EnableWindow
EnumWindows
ExitWindowsEx
FindWindowA
FrameRect
GetWindowThreadProcessId
IsIconic
LoadIconA
MessageBoxA
PeekMessageA
PostMessageA
SendMessageA
SetForegroundWindow
TranslateMessage
DrawIcon

msvcrt

__p__fmode
__p__commode
__set_app_type
__dllonexit
__CxxFrameHandler
_XcptFilter
__setusermatherr
_adjust_fdiv
_cexit
_controlfp
_except_handler3
_exit
_initterm
_onexit
strstr
strncpy
sprintf
exit
_strupr
_strnicmp
__getmainargs
_setmbcp
_c_exit

kernel32

CreateProcessA
CopyFileA
FindClose
lstrlenA
WaitForSingleObject
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetLastError
QueryPerformanceCounter
LoadLibraryA
GetWindowsDirectoryA
GetVersionExA
GetTickCount
GetSystemDirectoryA
GetStartupInfoA
GetProcessPriorityBoost
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFullPathNameA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
FreeLibrary
FindFirstFileA
FindNextFileA
CloseHandle

Exports

Exports

AcquireThread
IndexError
Init
NewMethod
get_IHDR
set_filter
write_chunk_data

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82d81b2e38166fb01c44afca13331e09

Headers

File Characteristics

Imports

shell32

advapi32

user32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 231KB - Virtual size: 231KB

.data Size: 108KB - Virtual size: 109KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 231KB - Virtual size: 231KB

.data
Size: 108KB - Virtual size: 109KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 4KB - Virtual size: 4KB