c438e3c0aec9178b209c2a2ae7b34dad504bfeeb9fa073451a766766d7da22b5

Sharing

Copy URL Twitter E-mail

General

Target

c438e3c0aec9178b209c2a2ae7b34dad504bfeeb9fa073451a766766d7da22b5
Size

140KB
MD5

0fc55c402b61126fef82c88c4e2d9840
SHA1

0e85c9a7cc3d23549003f2178ee03146fce4d975
SHA256

c438e3c0aec9178b209c2a2ae7b34dad504bfeeb9fa073451a766766d7da22b5
SHA512

d3dc9741925f0d3329cbae5a640c427db414a4d68f8a02bbb4ad9ddbd54e673d7cb37480b98a28b911e3b7fd4f707da95a4c2ce1c6c320e15fb1f79dac2ba7d6
SSDEEP

3072:Mu/8thWvq1ZP5Ob0mJJwLc5q0kDqI1o6vooLui0ywSoPOGFvrm8ttts:N/QhbcAmJJ2c0bDFnui0SlAC8ttt

Score

N/A

Malware Config

Signatures

Files

c438e3c0aec9178b209c2a2ae7b34dad504bfeeb9fa073451a766766d7da22b5
.dll windows x86

8d02684804af9b51674c4dd53ef28ec1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrRStrIW
StrCmpLogicalW

kernel32

UnlockFile
FlushViewOfFile
GetBinaryTypeW
SetupComm
SetCommTimeouts
EnumSystemLocalesA
SetFileApisToOEM
GetThreadContext
ConnectNamedPipe
GetFileInformationByHandle
GetSystemTime
DeviceIoControl
RegisterWaitForSingleObject
WaitForMultipleObjects
SetFileAttributesA
IsBadWritePtr
UnhandledExceptionFilter
OpenFileMappingA
FindResourceExW
GetCommandLineA
GetExitCodeThread
GlobalGetAtomNameW
GetTempFileNameA
SetTimerQueueTimer
DuplicateHandle
MoveFileExA
LoadLibraryW
CreateNamedPipeA
lstrlenA
VirtualQuery
SetEvent
CompareStringW
GetCompressedFileSizeW
CreateSemaphoreW
GetAtomNameA
VirtualProtect
GetNumberFormatW
GetSystemDefaultLangID
AddAtomW
LCMapStringW
DefineDosDeviceW
CallNamedPipeW
GetThreadPriority
RemoveDirectoryA
GetCommTimeouts
CreateMailslotW
GetLongPathNameW
FindResourceW
GetFileAttributesA
CreateMutexW
DisconnectNamedPipe
FindClose
HeapReAlloc
GlobalFlags
GetShortPathNameA
GlobalFindAtomW
TryEnterCriticalSection
CancelWaitableTimer
FindFirstChangeNotificationW
ClearCommBreak
GlobalMemoryStatus
lstrcpyW
FindCloseChangeNotification
GetPriorityClass
SetCommState
GetCommProperties
GetProcAddress
lstrcmpiW
GetTickCount
GetModuleHandleA
SetFilePointer
GetComputerNameExW
SetEndOfFile
CreateSemaphoreA
GetTimeFormatA
TlsFree
SetCommMask
FindResourceA
CreateDirectoryW
DeleteAtom
OpenEventW
lstrcatA
LocalLock
TransactNamedPipe
ConvertDefaultLocale
EnumResourceLanguagesA
GetStringTypeExW
LCMapStringA
ReadFile
GetModuleFileNameA
FindFirstFileW
SetThreadLocale
CopyFileA
GlobalAddAtomW
GetFileType
GetSystemDirectoryW
GetStdHandle
WaitForSingleObject
LoadResource
FindNextFileW
IsBadReadPtr
SetSystemTimeAdjustment
HeapCreate
TlsGetValue
GetTempFileNameW
IsValidLanguageGroup
GetVersionExW
SetMailslotInfo
SystemTimeToFileTime
SizeofResource
GetFullPathNameW
EnumResourceNamesA
GetUserDefaultUILanguage
CreateMutexA
lstrcmpW
GetNumberFormatA
GetCommModemStatus
LocalUnlock
GlobalReAlloc
GetLastError
GlobalDeleteAtom
SetThreadAffinityMask
GlobalMemoryStatusEx
DeleteFileW
lstrcatW
GetSystemWindowsDirectoryW
ResumeThread
GetUserDefaultLangID
OpenSemaphoreW
InitializeCriticalSection
VirtualFree
CloseHandle
GetSystemInfo
RaiseException
CreateNamedPipeW
GetModuleFileNameW
CreateThread
EnterCriticalSection
EnumResourceTypesA
DeleteCriticalSection
LockFile
GetSystemWindowsDirectoryA
GetWindowsDirectoryW
WinExec
HeapWalk
GetStartupInfoA
GetAtomNameW
WideCharToMultiByte
TerminateThread
IsBadStringPtrW
GetFileAttributesW
MoveFileExW
GetVersion
CopyFileW
CreateWaitableTimerA
GlobalSize
SetThreadContext
GetCurrentThreadId
SetLastError
SetFileTime
LockResource
GetSystemDefaultUILanguage
CreateFileA
SuspendThread

Exports

Exports

?AightDialog@@YGEUtext@@@Z
?NineDialog@@YGEUtext@@@Z

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.post
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.msg3
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msg1
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d02684804af9b51674c4dd53ef28ec1

Headers

File Characteristics

Imports

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 29KB

.edata Size: 512B - Virtual size: 134B

.data Size: 29KB - Virtual size: 29KB

.post Size: 16KB - Virtual size: 16KB

.msg3 Size: 35KB - Virtual size: 34KB

.msg1 Size: 23KB - Virtual size: 23KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 29KB

.edata
Size: 512B - Virtual size: 134B

.data
Size: 29KB - Virtual size: 29KB

.post
Size: 16KB - Virtual size: 16KB

.msg3
Size: 35KB - Virtual size: 34KB

.msg1
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB