879278416bbe28ba8d5479632a8b6cc3fc1ee4af137d800e5e83b1b22e273892

Sharing

Copy URL Twitter E-mail

General

Target

879278416bbe28ba8d5479632a8b6cc3fc1ee4af137d800e5e83b1b22e273892
Size

105KB
MD5

cae34bdb44add0c4de586e1c2efddc05
SHA1

63fd3dfadabf7d644645f373bceb7c7cbb1ff488
SHA256

879278416bbe28ba8d5479632a8b6cc3fc1ee4af137d800e5e83b1b22e273892
SHA512

5d54b76079bb412a5761f3f143bcb22005e85f4bf151fb6cb860eafda36c7d3d8e23bce40a0d17555d76a5942c8fce0189ec335a9e5e987c8c1fe3783c4d5148
SSDEEP

1536:xuPtKROXPXS6OhR/b2C37jocSRjqM6EODQO255Xi4qFxdVFkkSNd3:xHJhRh334RjqfhQDfMVC3

Score

N/A

Malware Config

Signatures

Files

879278416bbe28ba8d5479632a8b6cc3fc1ee4af137d800e5e83b1b22e273892
.dll windows x86

5c178a8b2cde56698aa92a7adb2bfaa8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfW

ntdll

swprintf
wcsncpy
RtlAllocateAndInitializeSid
NtQueryInformationProcess
RtlNtStatusToDosError
_allmul
NtClose
NtQuerySystemInformation
RtlUnicodeStringToAnsiString
_snwprintf
wcsncat
NtEnumerateKey
NtQueryValueKey
NtSetValueKey
RtlInitUnicodeString
NtOpenKey
_stricmp
wcslen
wcscpy
_alldiv
wcscat
_wcsnicmp
NtCreateFile
NtDeviceIoControlFile
NtOpenFile
_chkstk
RtlFreeAnsiString
_snprintf
RtlTimeToElapsedTimeFields
sprintf
RtlUnwind
NtQueryVirtualMemory

kernel32

SetCurrentDirectoryW
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
CreateThread
SetThreadPriority
WaitForSingleObject
InterlockedCompareExchange
GetExitCodeThread
GetLocalTime
lstrlenW
CreateDirectoryW
GetTimeZoneInformation
InterlockedExchange
GetUserDefaultLangID
GetSystemDefaultLangID
OpenProcess
VirtualAlloc
VirtualFree
SetErrorMode
GetTickCount
UnmapViewOfFile
CloseHandle
MapViewOfFile
CreateFileMappingW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
lstrcatW
lstrcpyW
SystemTimeToFileTime
GetSystemTime
ReadProcessMemory
SetLastError
WriteFile
WideCharToMultiByte
LocalFree
GetLastError
LocalAlloc
FileTimeToSystemTime
CreateFileW
MultiByteToWideChar
DisableThreadLibraryCalls
GetSystemDirectoryW
HeapFree
HeapAlloc
GetProcessHeap
GetDiskFreeSpaceExW
GetDriveTypeW
GetLogicalDrives

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

advapi32

InitializeAcl
SetFileSecurityW
InitializeSecurityDescriptor
GetLengthSid
FreeSid
AddAccessAllowedAceEx
SetSecurityDescriptorDacl

msvcrt

_adjust_fdiv
_initterm
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free

Exports

Exports

LogSystemSnapshot

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c178a8b2cde56698aa92a7adb2bfaa8

Headers

File Characteristics

Imports

user32

ntdll

kernel32

rpcrt4

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 30KB

.data Size: 69KB - Virtual size: 72KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 31KB - Virtual size: 30KB

.data
Size: 69KB - Virtual size: 72KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 2KB - Virtual size: 2KB