589b27785097304b79265bec0d7308c04ac43bbae0088c1ac6be1ba1123aaad5

Sharing

Copy URL Twitter E-mail

General

Target

589b27785097304b79265bec0d7308c04ac43bbae0088c1ac6be1ba1123aaad5
Size

237KB
MD5

64b47c0f65277ec56c0d3a5d437d4f60
SHA1

05d7b67189a0dc04afa8bafb0a09cf0a0f654336
SHA256

589b27785097304b79265bec0d7308c04ac43bbae0088c1ac6be1ba1123aaad5
SHA512

55b412e8177f26d7de1efdd7eb5ad6ab55aa67478e28bc1f22750ce388107185dc79a3e555ee45f24911edee73dd4eeca8566eb2b2339338465ffd2f6be51221
SSDEEP

6144:rwu3FqaAW1Xu1CaobF+c3BAQbOHhxvKISbGq:rwqqEw4FFb3BlbOHrS

Score

N/A

Malware Config

Signatures

Files

589b27785097304b79265bec0d7308c04ac43bbae0088c1ac6be1ba1123aaad5
.dll windows x86

b4117fdca65a3b474c5a6c8fbf246c49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSetInformation
InterlockedCompareExchange
LoadLibraryW
LocalAlloc
MapViewOfFile
SetFilePointer
GlobalFree
WideCharToMultiByte
WriteFile
lstrcmpiW
lstrcpyW
lstrcpynW
GlobalAlloc
GetVersionExW
GetProcAddress
GetPrivateProfileStringW
GetModuleHandleW
GetLocaleInfoW
GetLastError
GetFileSize
GetFileAttributesExA
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineW
FreeLibrary
FormatMessageW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
CreateProcessW
CreateFileMappingW
CreateDirectoryW
ReadFile
VirtualAlloc
GetDriveTypeA
CreateFileA
ExitProcess
UnmapViewOfFile
CreateFileW

user32

LoadIconW

advapi32

RegSetValueExW
RegSetValueExA
RegQueryValueW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
GetUserNameA
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
CredWriteW
CredWriteDomainCredentialsW
CredUnmarshalCredentialW
CredReadW
CredReadDomainCredentialsW
CredFree
CredDeleteW
RegOpenKeyExA
TraceMessage
UnregisterTraceGuids
RegisterTraceGuidsW

Sections

.text9
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text7
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text8
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4117fdca65a3b474c5a6c8fbf246c49

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text9 Size: 2KB - Virtual size: 2KB

.text7 Size: 2KB - Virtual size: 2KB

.text Size: 200KB - Virtual size: 199KB

.text8 Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 1KB - Virtual size: 1KB

.text9
Size: 2KB - Virtual size: 2KB

.text7
Size: 2KB - Virtual size: 2KB

.text
Size: 200KB - Virtual size: 199KB

.text8
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 1KB - Virtual size: 1KB