899417686a0378dd4487ef9ff2d95681c1203346aaeb3b1502d2bbd4c023b442

Sharing

Copy URL Twitter E-mail

General

Target

899417686a0378dd4487ef9ff2d95681c1203346aaeb3b1502d2bbd4c023b442
Size

544KB
MD5

052941bac4cdc1d0e4659c95381b8580
SHA1

5c95228ae69c9c289cd6cd3aa73d42b5385eef2a
SHA256

899417686a0378dd4487ef9ff2d95681c1203346aaeb3b1502d2bbd4c023b442
SHA512

bacf9cfe849ecfae47beb73b8114ed1c27ec5d86485ab8652f415f17bf5c19cc78d059227a77fa4d4f36d8ccc284ff6e26c30907662ed68a9599407402a4065e
SSDEEP

12288:gZQ4Kb3wxbRmE6IKl1591+TT8Csq9n6u+lqOQK:gy4KUFwfICh+TYCpv+Rd

Score

N/A

Malware Config

Signatures

Files

899417686a0378dd4487ef9ff2d95681c1203346aaeb3b1502d2bbd4c023b442
.dll windows x86

891d6a1d79ff9be4957ef9de96c0be66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW

advapi32

RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegCloseKey
CryptGetKeyParam
RegSetValueExW

oleaut32

RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
VarUI4FromStr

ole32

CoTaskMemRealloc
CoInitialize
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoInitializeEx

kernel32

GlobalFree
GetTickCount
VirtualAlloc
RaiseException
GetCurrentProcessId
GetModuleHandleA
LocalFree
Sleep
LeaveCriticalSection
CloseHandle
GetSystemTimeAsFileTime
LoadResource
DeleteCriticalSection
TerminateProcess
InterlockedExchange
QueryPerformanceCounter
InterlockedIncrement
GetVersionExA
WideCharToMultiByte
InterlockedCompareExchange
SetUnhandledExceptionFilter
CreateFileW
lstrcmpiW
LocalAlloc
UnhandledExceptionFilter
CreateMutexW
MultiByteToWideChar
GetModuleFileNameW
EnterCriticalSection
GetCurrentThreadId
InterlockedDecrement
FreeLibrary
ReadFile
GlobalAlloc
WaitForSingleObject
GetModuleHandleW
DeviceIoControl
GetDateFormatA
GetLastError
InitializeCriticalSection
lstrlenW
SetEvent

Exports

Exports

AsReadBuffer
Import
Int_FromSize_t
Number_AsSsize_t
ReplaceErrors
get_sBIT
set_bKGD
set_convert_mono
set_write_fn

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

891d6a1d79ff9be4957ef9de96c0be66

Headers

File Characteristics

Imports

shell32

advapi32

oleaut32

ole32

kernel32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 152KB - Virtual size: 151KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 152KB - Virtual size: 151KB

.reloc
Size: 8KB - Virtual size: 7KB