7788073da79b086f8fece8377e7eb2cdfe6819836b885055c71316a430bb06c7

Sharing

Copy URL Twitter E-mail

General

Target

7788073da79b086f8fece8377e7eb2cdfe6819836b885055c71316a430bb06c7
Size

376KB
MD5

047f276471c600a6b507f79fb840c260
SHA1

652cfd07dd4534db4bb420bbe9072e0016da75f3
SHA256

7788073da79b086f8fece8377e7eb2cdfe6819836b885055c71316a430bb06c7
SHA512

fc6fa946adcdaedff93924cb66e6850c98025a2d4984e86cfaa8be08882eac944b984ac2ffb822105d9f7806666b86a9a7cd082814e6e74684bf02884ede3631
SSDEEP

6144:DJLHAGw5kiAqIpIUzyGik7a2RnlAfQ3+18DRA3QNqoUb8HjWZkI+aUo9lthXH9WS:JoWyGp7HlAfQu1wuQWbkI/XhXHd

Score

N/A

Malware Config

Signatures

Files

7788073da79b086f8fece8377e7eb2cdfe6819836b885055c71316a430bb06c7
.dll windows x86

0ce634d3168789d3dab71d7a24e05eed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
LoadTypeLi
SysStringLen
VarUI4FromStr

kernel32

CloseHandle
GetDateFormatA
DeleteCriticalSection
lstrcmpiW
DeviceIoControl
MultiByteToWideChar
LocalAlloc
LoadResource
InterlockedExchange
CreateMutexW
GetModuleFileNameW
GetLastError
InitializeCriticalSection
GetVersionExA
TerminateProcess
RaiseException
InterlockedCompareExchange
GetModuleHandleA
CreateEventW
InterlockedDecrement
QueryPerformanceCounter
Sleep
lstrlenW
VirtualAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalAlloc
ReadFile
GetCurrentProcessId
GetThreadLocale
CreateFileW
WaitForSingleObject
LocalFree
GetModuleHandleW
GetTickCount
LeaveCriticalSection
GetSystemTimeAsFileTime
FreeLibrary
GetCurrentThreadId
EnterCriticalSection
GlobalFree
InterlockedIncrement
WideCharToMultiByte
SetEvent

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoInitializeEx
CoTaskMemRealloc

shell32

ShellExecuteW

advapi32

RegOpenKeyExW
UnlockServiceDatabase
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

Exports

Exports

GetDesc
RestoreThread
build_grayscale_palette
free_default
get_user_chunk_ptr
read_rows
vSetTargetWPath

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ce634d3168789d3dab71d7a24e05eed

Headers

File Characteristics

Imports

oleaut32

kernel32

ole32

shell32

advapi32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 8KB - Virtual size: 7KB