575855450c9cf2e6c5c1c13d66d09fa1bebfa3471a14104440b3180f1e6c20ba

Sharing

Copy URL Twitter E-mail

General

Target

575855450c9cf2e6c5c1c13d66d09fa1bebfa3471a14104440b3180f1e6c20ba
Size

100KB
MD5

b23882177bd21d3c64e739769f048040
SHA1

00edc01b1a4ba30279de7151d365eabafe1551ff
SHA256

575855450c9cf2e6c5c1c13d66d09fa1bebfa3471a14104440b3180f1e6c20ba
SHA512

706eda35034b4a30832c654abeef648b91eb4af9b0fe1e1cd42dbecd32b1c7ba26703ae3baf4b9e448eecc2dc180ae725e11e84a01f70761e3af385ffcd881ab
SSDEEP

3072:25AHwK48Nk4a4wfv0b8TOl8Qg1GCo6C3o5yUQoVe:VwRUMY8PG8C3

Score

N/A

Malware Config

Signatures

Files

575855450c9cf2e6c5c1c13d66d09fa1bebfa3471a14104440b3180f1e6c20ba
.dll windows x86

191170e14bc5bf0f1c58974b819fd192

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CreateThread
WriteProcessMemory
ExitProcess
OpenMutexA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
CopyFileA
GetFileAttributesExA
GlobalUnlock
GlobalFree
GlobalAlloc
GetLastError
MultiByteToWideChar
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindClose
GetDiskFreeSpaceA
GetVolumeInformationA
GetLogicalDriveStringsA
lstrcpynA
VirtualFree
VirtualAlloc
WideCharToMultiByte
GetSystemTime
CompareStringW
CompareStringA
LoadLibraryA
GetProcAddress
DeleteFileA
lstrcpyA
lstrcatA
lstrcmpA
CreateToolhelp32Snapshot
Process32First
OpenProcess
TerminateProcess
Process32Next
Sleep
CreateFileA
GetFileSize
LockFile
GetWindowsDirectoryA
SetFilePointer
ReadFile
WriteFile
UnlockFile
GetFileTime
SetFileTime
CloseHandle
WritePrivateProfileStringA
lstrlenA
GetSystemDirectoryA
GetPrivateProfileIntA
GetDriveTypeA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
RtlUnwind
HeapAlloc
GetTimeZoneInformation
GetLocalTime
HeapFree
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
HeapDestroy
HeapCreate
HeapReAlloc
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
SetEnvironmentVariableA

user32

FindWindowA

advapi32

SetSecurityDescriptorDacl
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
RegSetKeySecurity
RegFlushKey
RegCreateKeyExA
QueryServiceStatus
ControlService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

StrStrIA
SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

PathFileExistsA
PathRemoveExtensionA
PathIsDirectoryA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

191170e14bc5bf0f1c58974b819fd192

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

iphlpapi

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 144B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 144B

.reloc
Size: 8KB - Virtual size: 5KB