a0ab86e9efe2856e3f117c10199eec4bbe0ab86dcad8c5cbb0f4d5164d0b9a14

Sharing

Copy URL

Twitter E-mail

General

Target

a0ab86e9efe2856e3f117c10199eec4bbe0ab86dcad8c5cbb0f4d5164d0b9a14
Size

101KB
MD5

cd7025a2c42410cdd034eca2e5b191e0
SHA1

13ce5d3daab90708983eb66bc0ece5fcc3e4eeba
SHA256

a0ab86e9efe2856e3f117c10199eec4bbe0ab86dcad8c5cbb0f4d5164d0b9a14
SHA512

3192519e964220c0413d596e074da3abaaeae5d9495b7623410410046637318a2f49525a75f16fcfec29a4359329d212a4cbe1fa4f1fc645adadddb0c79476e5
SSDEEP

3072:bGi1nGeyrKDXz3XAawc6HaWYK3f/NAo4:CiqKTw190KvVAo

Score

N/A

Malware Config

Signatures

Files

a0ab86e9efe2856e3f117c10199eec4bbe0ab86dcad8c5cbb0f4d5164d0b9a14
.dll windows x86

80f74e90fdf76b5f42536d2b2be57b21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenSemaphoreA
IsBadReadPtr
VirtualAlloc
OpenEventW
OpenMutexW
IsDebuggerPresent
GetProcAddress
LoadLibraryA
GetProcessHeap
GetCurrentThreadId
lstrcpyA
lstrcpyW
OpenWaitableTimerW
LoadLibraryW
GetModuleFileNameA
InterlockedIncrement
GetVersion
GetLocalTime
VirtualProtect
OpenEventA
LoadLibraryExW
GetTickCount
VirtualQuery
IsBadCodePtr
lstrcmpA
lstrlenW
lstrcpynA
GetHandleInformation
lstrcpynW
InterlockedExchange

user32

IsClipboardFormatAvailable
GetWindowRgn
GetLastActivePopup
IsWindowVisible
IsChild
GetGUIThreadInfo
GetClientRect
GetWindowInfo
GetWindow
IsMenu
IsWindowUnicode
GetWindowDC
GetForegroundWindow
GetIconInfo
GetDesktopWindow
WindowFromDC
GetDlgItem
GetParent
GetMenuContextHelpId

advapi32

GetUserNameA
IsValidSecurityDescriptor
IsValidAcl
AreAnyAccessesGranted
IsValidSid

gdi32

GetBitmapDimensionEx
GdiFlush

ole32

CoRevertToSelf
CoGetCurrentProcess
CoDosDateTimeToFileTime
CoFileTimeNow

shell32

ord64
ord524
ord680
ord66
DuplicateIcon

shlwapi

PathIsUNCA
PathRemoveBackslashA
PathGetArgsA
PathQuoteSpacesA
PathIsRootW
PathBuildRootA
PathQuoteSpacesW
PathIsSameRootW
PathRemoveArgsA
StrCmpNA
PathCommonPrefixW
PathMakePrettyW
PathIsPrefixW
PathGetCharTypeW
PathCommonPrefixA
StrStrIW
PathCreateFromUrlA
PathIsFileSpecW
PathGetDriveNumberW
StrCmpNIW
PathIsRelativeA
PathGetDriveNumberA
StrStrA
StrSpnW
StrCSpnA
PathRemoveBlanksA
PathIsSameRootA
PathRemoveExtensionW
PathFindExtensionA
PathCreateFromUrlW
StrCmpW
StrCpyW
StrCpyNW
PathSkipRootA
PathIsUNCServerShareW
PathAddBackslashW
StrTrimA
PathAddExtensionA
ChrCmpIA
StrRChrA
PathRemoveBlanksW
StrChrIW
PathMakePrettyA
StrPBrkW

msvcrt

_mbctoupper
_mbsspn
_wcsset
_mbsicmp
_strnicmp
_mbcjistojms
_mbclen
_mbspbrk
_getmaxstdio
_nextafter
wcsncpy
free
_finite
_mbsset
_initterm
malloc
_adjust_fdiv
calloc
strncmp
_getdrive
_CIfmod
_mbsicoll
ldexp
mbtowc
_mbsbtype
_mbbtombc
_mbscpy
wcscoll
_wcsrev
wcstombs
strxfrm
clock
isalpha
_itoa
strerror
_mbsncpy
_wcsncoll
wcsncmp
_mbstrlen
wcscmp
ispunct
rand
memchr
_getpid
_copysign
wcsrchr
_mbslwr
_strdate
_wcsicoll
_wgetenv
_mbsncmp
strncpy
_strlwr
_wstrdate
_strtime
_strrev
isalnum
_errno
wcspbrk

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80f74e90fdf76b5f42536d2b2be57b21

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

shell32

shlwapi

msvcrt

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 82KB - Virtual size: 88KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 82KB - Virtual size: 88KB

.reloc
Size: 3KB - Virtual size: 3KB