90a60b6e68a1da31dcdd59aabb7e4e9cdb5495709bce48a78f73b6ca72f5bf88

Sharing

Copy URL Twitter E-mail

General

Target

90a60b6e68a1da31dcdd59aabb7e4e9cdb5495709bce48a78f73b6ca72f5bf88
Size

440KB
MD5

a0c528a545debba35fcc61b799e1cfad
SHA1

2ca4491421da08e03bb080f7f93f4a744f3d9ffc
SHA256

90a60b6e68a1da31dcdd59aabb7e4e9cdb5495709bce48a78f73b6ca72f5bf88
SHA512

083a1ac1c2f3930479b3d675d42f337fcc5154f5b181b8e9e60f9a182d5f48eda58cb3519375da3b4bf37332b17facf2fae076bacc49327b1e7474e362885860
SSDEEP

12288:PYhE/SGvmabJilfq5ZtyCVTK2M0/j2Uy4VnIJtqwm5DoykV/J+kTH17sHBZ2/rju:PGE/SGvi26Tm5DqTH17sHBML7a8QFl1B

Score

N/A

Malware Config

Signatures

Files

90a60b6e68a1da31dcdd59aabb7e4e9cdb5495709bce48a78f73b6ca72f5bf88
.dll windows x86

f8753e607c65918b466a6eee15312717

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

_adjust_fdiv
_chmod
rename
__dllonexit
_initterm
_onexit
isdigit
_mbctype
??3@YAXPAX@Z
rand
memmove
strchr
_stricmp
strftime
_iob
fprintf
__CxxFrameHandler
difftime
time
strncpy
localtime
mktime
sprintf
strstr
printf
atol
_purecall
atoi
_ismbcspace
_vsnprintf
free
realloc
_lseeki64
malloc
_telli64
_errno
_chsize
_fstat
isspace
iscntrl
_strnicmp
strncmp
strpbrk
tolower
strrchr
getenv
??2@YAPAXI@Z
_stat
_strcmpi
_putenv
_sopen
_unlink
_write
_read
_tell
_lseek
_chdir
_open
_creat
_close
_mkdir
_rmdir
_getcwd

ole32

CoCreateInstance
CoInitialize
CoUninitialize

user32

wsprintfA
CharLowerA
SendMessageTimeoutA
EnumWindows
GetSystemMetrics
GetWindowLongA
SetWindowLongA
DestroyIcon
SystemParametersInfoA
SetWindowPos
SetForegroundWindow
CharNextA
CharPrevA
DdeDisconnect
DdeGetLastError
DdeConnect
DdeCreateStringHandleA
DdeFreeStringHandle
DdeInitializeA
DdeUninitialize
DdeFreeDataHandle
DdeGetData
DdeClientTransaction
FindWindowA

advapi32

RegEnumValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyA
RegSetValueA
RegEnumKeyExA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

shell32

SHChangeNotify
ExtractIconExA

kernel32

GetDiskFreeSpaceA
GetShortPathNameA
WideCharToMultiByte
GetTickCount
MultiByteToWideChar
DeleteFileA
GlobalMemoryStatus
CopyFileA
CreateMutexA
GetLastError
Sleep
GetPrivateProfileStringA
GetVersionExA
WritePrivateProfileStringA
GetWindowsDirectoryA
LoadLibraryA
GetPrivateProfileSectionNamesA
FreeLibrary
CreateFileA
GetProcAddress
ReadFile
SetFilePointer
GetFileSize
CloseHandle
InterlockedIncrement
WriteFile
WaitForSingleObject
GetModuleFileNameA
GetCurrentProcess
GetSystemDirectoryA
lstrcpynA
lstrcpyA
GetProfileStringA
GetSystemInfo
UnmapViewOfFile
WinExec
CreateFileMappingA
GetTempFileNameA
MapViewOfFile
SetProcessWorkingSetSize
lstrlenA
SetErrorMode
FindFirstFileA
FindNextFileA
FindClose
GetDriveTypeA
GetTempPathA
GetVersion
ResetEvent
SetEvent
CreateEventA
InterlockedDecrement

Exports

Exports

?DdeCallback@@YGPAUHDDEDATA__@@IIPAUHCONV__@@PAUHSZ__@@1PAU1@KK@Z
EventCallback
OnInstall
OnUninstall
RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 4KB - Virtual size: 378B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f8753e607c65918b466a6eee15312717

Headers

File Characteristics

Imports

pncrt

ole32

user32

advapi32

shell32

kernel32

Exports

Exports

Sections

.text Size: 300KB - Virtual size: 298KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 16KB - Virtual size: 20KB

_DATA Size: 4KB - Virtual size: 378B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 17KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 300KB - Virtual size: 298KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 16KB - Virtual size: 20KB

_DATA
Size: 4KB - Virtual size: 378B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 17KB

.rmnet
Size: 60KB - Virtual size: 60KB