6357da936bd35bcdd421fa35a45694940beed7661cbd730fb018c746fc6e2089

Sharing

Copy URL Twitter E-mail

General

Target

6357da936bd35bcdd421fa35a45694940beed7661cbd730fb018c746fc6e2089
Size

90KB
MD5

9461b5834a5544ef51ddfdf7b6f32cf0
SHA1

62e4728c745784e09f6370e83b7e750817996a96
SHA256

6357da936bd35bcdd421fa35a45694940beed7661cbd730fb018c746fc6e2089
SHA512

a360a42d4b72610713719da42599975429a1f5897cdb55240019bc57a78e772f08a956a161614061ed899b0005d4d07606288250fd106f9914195dac4f7f1ad9
SSDEEP

1536:9liU314z3wXZzSXpw9VXvZ6yYLn0yxc3HYfPTIG9hG7Lyvo/y2IVN/outD3zJ:fiU314z3wXZG5cJbYjQHt+vo/1IVN/oI

Score

N/A

Malware Config

Signatures

Files

6357da936bd35bcdd421fa35a45694940beed7661cbd730fb018c746fc6e2089
.dll windows x86

2b10ac0857897c5d287de8290bb2a647

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathMakeSystemFolderW
PathIsDirectoryEmptyA
SHDeleteValueW
StrStrA
PathFileExistsA
StrChrW
StrRetToStrA
PathIsContentTypeW
PathIsUNCServerShareW
PathRemoveBlanksW
StrRChrA
PathIsRelativeA
ColorHLSToRGB
AssocQueryKeyW
PathUnmakeSystemFolderA
UrlUnescapeA
SHCopyKeyW
PathAppendA
UrlEscapeW
SHRegGetPathW
UrlCanonicalizeA
PathIsDirectoryW
ColorRGBToHLS
PathFindExtensionA
StrFormatKBSizeW
SHRegCloseUSKey
PathCreateFromUrlW
StrChrIW
PathMakePrettyW
StrDupW
StrCSpnW
SHOpenRegStreamW
PathMakePrettyA
PathGetCharTypeW

kernel32

GetCurrencyFormatW
CompareStringW
GetVersionExA
MoveFileExW
IsBadWritePtr
BeginUpdateResourceA
ReadFileEx
DisconnectNamedPipe
QueryPerformanceFrequency
CreateDirectoryW
FindFirstVolumeA
CreateJobObjectW
SetComputerNameExW
RemoveDirectoryW
EnumResourceNamesA
GetEnvironmentVariableW
GetCurrencyFormatA
GlobalFix
SetHandleCount
GetTempPathA
MapUserPhysicalPagesScatter
CopyFileExA
GetLastError
DeleteTimerQueueEx
FillConsoleOutputAttribute
ClearCommBreak
lstrcmpA
VirtualAlloc
GetLogicalDrives
SetConsoleMode
MulDiv
GlobalUnfix
GetSystemTime

ole32

HICON_UserUnmarshal
OleRegGetMiscStatus
ProgIDFromCLSID
PropVariantClear
StgCreatePropSetStg
OleCreateMenuDescriptor
StgIsStorageILockBytes
HMENU_UserMarshal
OleUninitialize
CoTaskMemFree
CoQueryClientBlanket
OleCreateLinkEx
OleCreateStaticFromData
FmtIdToPropStgName
CoMarshalHresult
HDC_UserSize

advapi32

LookupPrivilegeDisplayNameA
AccessCheckAndAuditAlarmA
LookupAccountSidW
InitializeAcl

shell32

SHGetDiskFreeSpaceExW
FindExecutableW
SHFileOperationA
SHFreeNameMappings
FindExecutableA
SHEmptyRecycleBinA
CommandLineToArgvW
SHLoadNonloadedIconOverlayIdentifiers

winmm

joyGetPos
midiInGetNumDevs
auxGetVolume
waveInReset
waveOutGetErrorTextA
midiOutClose
auxSetVolume
mixerClose
midiStreamProperty
timeEndPeriod
midiOutSetVolume
joyGetThreshold
mixerGetControlDetailsA
joyGetPosEx
midiStreamRestart
waveInStart
midiOutUnprepareHeader
mmioSeek
mmioWrite
mmioAdvance
midiOutCachePatches
midiOutGetNumDevs
auxGetDevCapsW
midiOutLongMsg
midiInGetErrorTextA
mixerGetLineControlsA
mciSendStringA
midiOutGetDevCapsA
OpenDriver
mmioDescend
waveInOpen
midiInStart

Exports

Exports

SaAAdjustTokeenData
SaDeacctivatteeHandle
SaDeeactivateDDesktopData
SaEndCurrrsorState
SaEndProccPoss
SaGeetCursorLengthh
SaGetClippbboardReect
SaSSetWinndow

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b10ac0857897c5d287de8290bb2a647

Headers

File Characteristics

Imports

shlwapi

kernel32

ole32

advapi32

shell32

winmm

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 45KB

.data Size: 34KB - Virtual size: 62KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 46KB - Virtual size: 45KB

.data
Size: 34KB - Virtual size: 62KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB