d58aa7ef8e4e83b86b08d3915f146d1fa1a58637abc223de3b134c27031d85b6

Sharing

Copy URL Twitter E-mail

General

Target

d58aa7ef8e4e83b86b08d3915f146d1fa1a58637abc223de3b134c27031d85b6
Size

140KB
MD5

1d4107d03e970a2996aa50c54d2a84b0
SHA1

ec659403d1c39d805f38b8a89d57899059265008
SHA256

d58aa7ef8e4e83b86b08d3915f146d1fa1a58637abc223de3b134c27031d85b6
SHA512

75b7889128efc93ceca42f92da14193aaeb960ead4dca7f4f9c8f4c142206a8d45046079a98855de2928b40961f7e1d069f2507fe9190a4db469e032d2627d2f
SSDEEP

3072:jbFKRTHfWK2L+Alr5L9LZmFfABJgO8Fd8ytQ7l//OjNm:jbFo/6HNL9LZmF4TgOMdnto/C

Score

N/A

Malware Config

Signatures

Files

d58aa7ef8e4e83b86b08d3915f146d1fa1a58637abc223de3b134c27031d85b6
.dll windows x86

8d81e3ef3b377c305297c69ba6fa00db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
FormatMessageA
TlsGetValue
ReadFile
SetFilePointer
LoadLibraryW
SetCurrentDirectoryA
ResetEvent
WritePrivateProfileStringW
LeaveCriticalSection
GetModuleHandleA
WritePrivateProfileStringA
ExitProcess
GetStringTypeA
SetConsoleMode
LockResource
GetExitCodeProcess
TlsAlloc
GetNumberFormatW
VirtualFree
GetSystemWindowsDirectoryW
CreateMutexA
OutputDebugStringA
VirtualProtect
GetProcAddress
SetFileTime
TerminateProcess
SetCurrentDirectoryW

msvcrt

__set_app_type
strerror
memset
__winitenv

user32

CallWindowProcW
LoadCursorW
GetForegroundWindow
GetClipboardData
DrawEdge
wsprintfA
IsWindow
CreateWindowExA
DispatchMessageW
CopyRect

gdi32

BitBlt
SetStretchBltMode
CreateSolidBrush
GetStockObject
DeleteDC
SelectPalette
ExtTextOutW
GetTextMetricsW
StretchBlt
TextOutW
CreateRoundRectRgn
GetRegionData
CreateCompatibleBitmap
LineTo
SetTextColor
CreateBitmap
SetBkMode
DeleteObject
GetTextExtentPoint32W

tapi32

lineGetCallInfoA
lineGetAddressCaps
lineAgentSpecific
tapiGetLocationInfoW
lineMakeCallW

Exports

Exports

FfdYpvvdxuJgkqeuxJfqxQx
DrrOzvb
StquAiehPztqgumUg

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d81e3ef3b377c305297c69ba6fa00db

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

tapi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 51KB - Virtual size: 50KB

.CRT Size: 38KB - Virtual size: 38KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 134B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 51KB - Virtual size: 50KB

.CRT
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 134B