5d2620358c6a4b7795c75e7d417e4c84e162cbb58201b691d782a13bf81eb8f4

Sharing

Copy URL

Twitter E-mail

General

Target

5d2620358c6a4b7795c75e7d417e4c84e162cbb58201b691d782a13bf81eb8f4
Size

140KB
MD5

1713dfe92a032caad94fd0e573d9daa4
SHA1

c8f765564e7a89c7e29d754031d89974e05ccf95
SHA256

5d2620358c6a4b7795c75e7d417e4c84e162cbb58201b691d782a13bf81eb8f4
SHA512

789f40ce1542efb7fa86bab002426debda124065a52fac52228485eca1dd7f499c4eb37f2f22c4087544d4934639a18b18ed53d58603af5d054a58cec0c31ca9
SSDEEP

3072:LNjMM+fUck04mNSK/JpHLRMBG/AejV7if22UgNb:LN4M+fUQH2BOAihtyb

Score

N/A

Malware Config

Signatures

Files

5d2620358c6a4b7795c75e7d417e4c84e162cbb58201b691d782a13bf81eb8f4
.dll windows x86

b27b29a8178fc4b4f8683da95133d3bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

_putenv
_initterm
_adjust_fdiv
_onexit
strchr
__dllonexit
_purecall
_strcmpi
??2@YAPAXI@Z
_stricmp
??3@YAXPAX@Z
free
malloc
strrchr
strstr
strncpy
sprintf
_ftol
rand
realloc

ole32

CoTaskMemAlloc
CoTaskMemFree
RevokeDragDrop
OleInitialize
CoCreateInstance
CoFreeUnusedLibraries

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

InterlockedIncrement
IsBadReadPtr
WaitForSingleObject
GetEnvironmentVariableA
GetModuleFileNameA
MulDiv
MultiByteToWideChar
GetProcAddress
WideCharToMultiByte
InterlockedDecrement
lstrlenW
FreeLibrary
LoadLibraryA

user32

LoadStringA
MessageBoxA
GetSystemMetrics
CharNextA
PostMessageA
SetRect
GetDC
ReleaseDC
CharPrevA
SetWindowLongA
SetWindowPos
CallWindowProcA
DefWindowProcA
GetClientRect
CopyRect
IsWindow
GetWindow
CharLowerA
PostThreadMessageA
ShowWindow
GetClassNameA
EnumChildWindows

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA

gdi32

GetDeviceCaps
DPtoLP
SetMapMode
GetMapMode
LPtoDP

oleaut32

SysAllocString
VariantInit
SafeArrayCreateVector
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocStringLen
SafeArrayUnaccessData
SysFreeString
SafeArrayAccessData
VariantClear

Exports

Exports

CreateBrowserInstance
GetIEVersion
RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b27b29a8178fc4b4f8683da95133d3bf

Headers

File Characteristics

Imports

pncrt

ole32

version

kernel32

user32

advapi32

gdi32

oleaut32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 60KB - Virtual size: 60KB