d0fa0e6bdd4a995e8b0de586e8a030f8ce4ac81b56614c6f6629792089060356

Sharing

Copy URL Twitter E-mail

General

Target

d0fa0e6bdd4a995e8b0de586e8a030f8ce4ac81b56614c6f6629792089060356
Size

59KB
MD5

cf888d86d78f48cb86838556132ce3a0
SHA1

7254faa25a27abfedda8463f8f172b8d81cb53fc
SHA256

d0fa0e6bdd4a995e8b0de586e8a030f8ce4ac81b56614c6f6629792089060356
SHA512

37bef77193f9f0d19410fdea00f3b36ee626803a425f81c4aba3404c01fa67ed8034d6b8858f0962ab712c26c825526beb8b0bf8f83b92d545f1753b5858e441
SSDEEP

1536:VVv0b9t8a5hjJ5vUVgR5SLbhmHkQW+jgkZ0pOG:bcb38KUpEHFgkFG

Score

N/A

Malware Config

Signatures

Files

d0fa0e6bdd4a995e8b0de586e8a030f8ce4ac81b56614c6f6629792089060356
.dll windows x86

b8211ebdf6f7cf2de431978ced527547

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultUILanguage
GetLastError
AssignProcessToJobObject
EraseTape
BeginUpdateResourceA
CallNamedPipeA
EraseTape
CreateWaitableTimerA
FindFirstFileExA
_llseek
GetProcessPriorityBoost
BackupRead
QueryDosDeviceA
FatalExit
BindIoCompletionCallback
DeleteFiber
EnumSystemCodePagesW
GetVolumePathNameW
ReadConsoleInputW
SetLocaleInfoA
GetLargestConsoleWindowSize
PrivMoveFileIdentityW
CreateNamedPipeA
AddAtomW
GetCurrencyFormatA
GetCommConfig
PrepareTape
FindFirstFileExW
CloseHandle
FileTimeToSystemTime

msvcrt

_waccess
_heapmin
__p___argc
sin
??0__non_rtti_object@@QAE@PBD@Z
_aexit_rtn
gets
gmtime
strchr
_wcsrev
acos
system
fabs
_lock
_wcsset
clearerr
_y1
strtoul
__fpecode
_fullpath
_ismbbkana

gdi32

PATHOBJ_bEnum
GdiEntry10
EngGetCurrentCodePage
EngGradientFill
PlayEnhMetaFileRecord
SetPaletteEntries
EnableEUDC
GdiReleaseLocalDC
CreateRoundRectRgn
PATHOBJ_vEnumStart
EngDeleteSurface
bInitSystemAndFontsDirectoriesW
PATHOBJ_vGetBounds
GetDIBits
GetCharABCWidthsA
ExtCreatePen
SetBoundsRect
SelectObject
EngComputeGlyphSet
EngDeletePath
GdiAddFontResourceW
GdiAlphaBlend
EngReleaseSemaphore
GdiStartPageEMF
EngStrokePath
GdiGetPageCount
DeleteObject
EngCheckAbort
PolyPolyline

user32

UnregisterDeviceNotification
RealChildWindowFromPoint
UpdateLayeredWindow
DlgDirSelectExA
GetWindowModuleFileNameA
RegisterTasklist
ChangeDisplaySettingsA
GetMenuBarInfo
LoadIconW
UnhookWindowsHook
EmptyClipboard
GetKeyboardType
SoftModalMessageBox
DrawCaption
InvertRect
InsertMenuItemW
TranslateMessage
GetInputDesktop
EnumDisplayDevicesA
DeleteMenu
DrawTextExW
GetKeyboardLayoutList
GetWindowDC
GetWindowTextA
CreateIconFromResource

shlwapi

PathRemoveArgsW
SHDeleteKeyA
StrRChrIW
StrIsIntlEqualW
StrFormatByteSizeW
StrDupA
SHRegGetPathA
StrFormatByteSizeA
StrCatBuffA
SHDeleteValueA
SHRegOpenUSKeyW
SHDeleteEmptyKeyA
SHRegSetPathW
SHRegGetBoolUSValueW
PathFindExtensionW
SHRegEnumUSValueA
UrlEscapeW
SHIsLowMemoryMachine
PathRelativePathToA
SHGetThreadRef
UrlIsA
StrPBrkW
StrStrW

Exports

Exports

VhvzrmdTowgtyCyvrz
VdylCujsrRcdo
WgIpnzggiKoixwoRlca
FiuygGuzsOcsua
IcrCcxtjr
CyVxcdUyr
XhjnfqFkhyDczzVp
CqGvhqHnnbrtrRckyjPcy
HrsbIbox
KracrkJf
RfbrXpr
XewafXml
RdwOmmjtPqvlx
GyrcbprFmahj
FngHnnrthjHsrmb

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8211ebdf6f7cf2de431978ced527547

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

shlwapi

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 1024B - Virtual size: 736B

.reloc Size: 512B - Virtual size: 16B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 1024B - Virtual size: 736B

.reloc
Size: 512B - Virtual size: 16B