932d1c208ffa57d83a185af3b29a17fc90b58ab9c51b8b6fe0ad9c45e86ee95f

Sharing

Copy URL

Twitter E-mail

General

Target

932d1c208ffa57d83a185af3b29a17fc90b58ab9c51b8b6fe0ad9c45e86ee95f
Size

108KB
MD5

68e1522c642f773ad8953e1647d44742
SHA1

c2b2070b1954ea6225eade51101f66ab32217d70
SHA256

932d1c208ffa57d83a185af3b29a17fc90b58ab9c51b8b6fe0ad9c45e86ee95f
SHA512

595b1466b93cb2b4190d804da59261a382bf75c278f012fde94539a7ed244ad1ed60d287971b50f3f66b2cfa849f6be647fa47ae2f050654d06505a075710534
SSDEEP

1536:oN7FSZrYd35IARnmMrWAMeEqxyoBQEn+gRPZ7whBLulRPRh9QadhRF7KXdd/sJ+M:8wSdJX9mOcTjMOhBLo/Qa3jKPu+eIG

Score

N/A

Malware Config

Signatures

Files

932d1c208ffa57d83a185af3b29a17fc90b58ab9c51b8b6fe0ad9c45e86ee95f
.dll windows x86

1436b67e63676e5f3975db9c9363faef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InterlockedExchange
lstrcpyW
DeviceIoControl
GetProcAddress
lstrcmpW
FreeLibrary
LoadLibraryW
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameW
LCMapStringW
GetProcessHeap
VirtualProtect
HeapFree
HeapReAlloc
LocalAlloc
GetCurrentProcess
ExpandEnvironmentStringsA
GetTickCount
HeapCreate
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateEventA
SetEvent
GetCurrentThread
CloseHandle
MultiByteToWideChar
LocalFree
GetLastError
SetLastError
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GetFileInformationByHandle
GetVersion
GetOverlappedResult

user32

SendMessageW
IsWindow
FindWindowW
LoadStringW
EnableWindow
SetCaretBlinkTime
CharPrevA
wsprintfA
CharLowerA
KillTimer
SystemParametersInfoW
SetCursor
LoadCursorW
SendMessageTimeoutW
ReleaseDC
MapWindowPoints
GetWindowRect
GetSystemMetrics
CheckRadioButton
SendDlgItemMessageW
GetNextDlgTabItem
GetWindowLongW
SetWindowLongW
GetKeyState
CallWindowProcW
FillRect
DialogBoxParamW
EndDialog
CheckDlgButton
WinHelpW
SetTimer
GetParent
GetSysColorBrush
GetDlgItem
GetDC
InvalidateRect
wsprintfW

advapi32

RegCreateKeyExW
RegUnLoadKeyA
RegSetValueExW
RegOpenKeyA
RegEnumKeyA
RegSetValueExA
RegEnumValueW
RegCreateKeyA
SetSecurityDescriptorSacl
GetKernelObjectSecurity
MakeAbsoluteSD
SetKernelObjectSecurity
AddAce
RegEnumValueA
AccessCheck
AccessCheckAndAuditAlarmW
RegQueryValueExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
FreeSid
SetServiceStatus
CryptAcquireContextA
CryptReleaseContext
OpenThreadToken
RevertToSelf
RegOpenKeyExA
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegLoadKeyA

ole32

CoUninitialize
StringFromGUID2

rpcrt4

RpcRevertToSelf
RpcImpersonateClient

msvcrt

localtime
time
_except_handler3
strchr
qsort
free
wcslen
_strlwr
_strnicmp
wcsncpy
_initterm
wcscat
wcsstr
wcscspn
swprintf
wcscpy
_vsnprintf
iswspace
_CxxThrowException
malloc
_amsg_exit
strstr
memcpy
memset
_adjust_fdiv
_wcsicmp

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1436b67e63676e5f3975db9c9363faef

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 34KB - Virtual size: 68KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 34KB - Virtual size: 68KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 5KB