c317a1316e9c23afb870e32086ffd84c4587f43eb29f856b3d323d44ffa16136

Sharing

Copy URL Twitter E-mail

General

Target

c317a1316e9c23afb870e32086ffd84c4587f43eb29f856b3d323d44ffa16136
Size

367KB
MD5

d98e021904d2a2313cf2ab76eaee7df0
SHA1

ca749c63087ce2801fc0e7876e83ac7c79edcbd9
SHA256

c317a1316e9c23afb870e32086ffd84c4587f43eb29f856b3d323d44ffa16136
SHA512

9f72c114df1e5421ea8b0b6b307481174e10946c1889ce74abfc2b187e1dfcaa8a29859c3875fa5851e14eafded2f6de32e8a0fb8a1e80fc3f62cf781f46484b
SSDEEP

6144:gEXG0hibNNnTnKUiCHWik8lg0HTd/O8oj1QarhxPPDyxOcJx:gcfYTnK8dPHh/O8orrLPEj

Score

N/A

Malware Config

Signatures

Files

c317a1316e9c23afb870e32086ffd84c4587f43eb29f856b3d323d44ffa16136
.dll windows x86

e6073648e1fb95758cf950dce55851ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegReplaceKeyA
RegEnumKeyExA
RegGetKeySecurity
RegReplaceKeyW
RegQueryValueW
RegEnumKeyA
RegFlushKey
RegDeleteKeyW
RegLoadKeyW
RegDeleteValueA
RegQueryValueExW
RegOpenKeyW
RegEnumValueA
RegEnumKeyExW
RegEnumKeyW
RegReplaceKeyA
RegOpenKeyExA
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueA
RegCreateKeyW
RegQueryValueExA
RegQueryInfoKeyA
RegLoadKeyW
RegFlushKey
RegDeleteKeyA
RegEnumValueA
RegQueryValueExW

user32

GetMenu
BlockInput
GetWindowTextLengthA
DialogBoxParamA
CopyRect
IsMenu
LoadCursorA
GetWindow
EndDialog
LoadMenuA
CopyImage
DrawTextW
AlignRects
DrawTextA
AppendMenuW
DrawIconEx
DialogBoxParamW
IsWindow
DrawTextW
LoadCursorA
InsertMenuA
CloseWindow
GetWindow
GetCursor
DrawIcon
CreateIcon
CalcMenuBar
GetMenu
EndDialog
BlockInput
EndDialog
AppendMenuA
InsertMenuA
GetWindowTextA
DrawIconEx
IsMenu
LoadCursorA
CloseWindow
CopyIcon
BlockInput
GetWindowTextLengthA
CopyImage
DialogBoxParamA
IsWindow
LoadMenuA

kernel32

WriteFile
GetConsoleMode
CopyFileExW
CreateProcessA
OpenFileMappingA
FindAtomA
ReadConsoleA
CreateDirectoryA
DeleteFileW
GetFileSize
Sleep
GetStdHandle
GetCommandLineA
ExitThread
GetFileTime
GetComputerNameA
WriteFile
CreateThread
GetComputerNameA
CopyFileExA
GetFileSize
DeleteFileW
ExitThread
CopyFileW
FindAtomA
GetCommandLineA
GetLastError
GetFileTime
GetCPInfo
ReadConsoleW
GetStdHandle
CopyFileExW
DeleteAtom
OpenFileMappingA

Sections

DATA
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.b6284
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6073648e1fb95758cf950dce55851ad

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

DATA Size: 11KB - Virtual size: 11KB

.data Size: - Virtual size: 2KB

.rdata Size: - Virtual size: 1KB

.bss Size: 348KB - Virtual size: 348KB

.b6284 Size: 3KB - Virtual size: 2KB

.edata Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 237KB

DATA
Size: 11KB - Virtual size: 11KB

.data
Size: - Virtual size: 2KB

.rdata
Size: - Virtual size: 1KB

.bss
Size: 348KB - Virtual size: 348KB

.b6284
Size: 3KB - Virtual size: 2KB

.edata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 237KB