7cab1ab1ca0efb83bf51557e249777a7701c8d954978da65cbdfcd0cd88845ac

Sharing

Copy URL

Twitter E-mail

General

Target

7cab1ab1ca0efb83bf51557e249777a7701c8d954978da65cbdfcd0cd88845ac
Size

336KB
MD5

c9116b4ed5f17822bff5e4245b91dc50
SHA1

73862766de2a7479c9c76ebac74571ab5f1e6688
SHA256

7cab1ab1ca0efb83bf51557e249777a7701c8d954978da65cbdfcd0cd88845ac
SHA512

5e6e789fc8bad9c0b1ee2bf87dc374754e0c6b2d1371d1eb844567732e7660f42c167642381ca91dfea30e702c834d7a047ca5b554d759313a5bffe666edf605
SSDEEP

6144:FgR65cL+/EfEq6QgCdiM74pvKTTJ8dnSYK82+AqC1Lj/IPwc:Fdl/EfEq6QgCdiuSCTTCdSYK82+xwnw

Score

N/A

Malware Config

Signatures

Files

7cab1ab1ca0efb83bf51557e249777a7701c8d954978da65cbdfcd0cd88845ac
.dll windows x86

80df6fa8643a6abc7b1f10c87c5c2fbf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
DeregisterEventSource
FreeSid
GetLengthSid
InitializeAcl
LsaICLookupSids
LsaQueryTrustedDomainInfoByName
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
ReportEventA
SetSecurityDescriptorDacl
BuildImpersonateTrusteeW
InitializeSecurityDescriptor
IsValidSecurityDescriptor
IsValidSid
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
CryptVerifySignatureW
RegQueryValueExA
SystemFunction020
TrusteeAccessToObjectW
GetSecurityDescriptorRMControl

kernel32

DisableThreadLibraryCalls
VirtualAlloc
CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateSemaphoreA
DeleteFileA
FindClose
FindFirstFileA
GetCurrentProcessId
GetFileSize
GetLocalTime
GetPrivateProfileStructW
GetSystemInfo
GetTickCount
GlobalAlloc
GlobalFree
InterlockedDecrement
InterlockedIncrement
MoveFileA
OpenMutexA
OpenSemaphoreA
ReadFile
ReleaseMutex
ResetEvent
SetEndOfFile
SetEvent
SetFilePointer
Sleep
VirtualFree
WaitForSingleObject
WriteFile
AreFileApisANSI
BackupRead
FreeUserPhysicalPages
GetCommTimeouts
GetCurrentThreadId
GetProcessHeap
GetSystemTimeAsFileTime
InterlockedCompareExchange
InterlockedExchange
QueryPerformanceCounter
WritePrivateProfileStringA
CreateThread
EnumDateFormatsA
GetDateFormatW
GetProfileIntA
GetUserDefaultLCID
HeapCreate
MultiByteToWideChar
RaiseException
SetMailslotInfo
WaitForSingleObjectEx
GetLocaleInfoA
LoadLibraryA
LocalAlloc
LocalFree
lstrcatW
lstrcpynW
lstrlenW
GetLastError
GetFullPathNameA
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
GetCommandLineA
GetVersionExA
HeapFree
RtlUnwind
ExitThread
GetDriveTypeA
GetCurrentDirectoryA
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
FatalAppExitA
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
VirtualProtect
VirtualQuery
LCMapStringA
WideCharToMultiByte
LCMapStringW
FlushFileBuffers
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapReAlloc
HeapSize
IsBadWritePtr
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
CompareStringA
CompareStringW
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
WriteConsoleA
GetTimeZoneInformation
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA

ole32

HWND_UserSize
EnableHookObject
SetDocumentBitStg
OleRegGetMiscStatus

rpcrt4

RpcStringBindingComposeW
RpcServerInqBindings
NdrVaryingArrayFree
NdrFixedArrayFree
NdrDllGetClassObject
NdrDllUnregisterProxy
NdrAsyncClientCall
MesHandleFree

Exports

Exports

Hsnamndbhh

Sections

.text
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80df6fa8643a6abc7b1f10c87c5c2fbf

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

rpcrt4

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 244KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 48KB - Virtual size: 58KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 248KB - Virtual size: 244KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 48KB - Virtual size: 58KB

.reloc
Size: 12KB - Virtual size: 11KB