94dcc41383953666bf4f5c86c92896fa6fc27b36eed501f1cb6d509aa1204b67

Sharing

Copy URL

Twitter E-mail

General

Target

94dcc41383953666bf4f5c86c92896fa6fc27b36eed501f1cb6d509aa1204b67
Size

113KB
MD5

0c700cda021158f1a3eddf2a3ebf9be2
SHA1

746ef8d5af6dbd06ac81208761a9424fa4aacb0d
SHA256

94dcc41383953666bf4f5c86c92896fa6fc27b36eed501f1cb6d509aa1204b67
SHA512

3ed015983d49aad61390d75d05bc1a10eaad19834dafdc54143ee6ac02b1125ccfd81d1388423cc89d8aba48eb3a9f1c396ba07f3bdd60a3d4110dacfc74f8d6
SSDEEP

3072:JlWcxOptvr8DhzYH//mkDutTmw2vWKMMiU1m9:J9xy1WhzUekDqqw2vWKNP

Score

N/A

Malware Config

Signatures

Files

94dcc41383953666bf4f5c86c92896fa6fc27b36eed501f1cb6d509aa1204b67
.dll windows x86

eeeed78bfe70268307271b151d937122

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileA
ExitProcess
GetACP
GetCommandLineA
GetLastError
GetLocalTime
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoA
HeapAlloc
InterlockedIncrement
RtlUnwind
SetCurrentDirectoryA
SetErrorMode
SetLastError
VirtualFree
WritePrivateProfileSectionA
lstrcmpiA
lstrcpyA

advapi32

RegCloseKey
RegEnumKeyA
RegLoadKeyA
RegOpenKeyExA
RegQueryValueA
LookupPrivilegeValueA

ole32

CoUninitialize
CoInitialize
OleFlushClipboard
CoGetClassObject
CoCreateInstance
CLSIDFromProgID
StgCreateDocfileOnILockBytes
RevokeDragDrop
OleUninitialize
OleSetClipboard
OleLockRunning
OleInitialize
CreateOleAdviseHolder
GetRunningObjectTable
DoDragDrop

user32

SetMenuInfo
SetCursor
MessageBoxA
GetCursor
EnableWindow
DrawCaption
DispatchMessageA
DialogBoxParamA
CreateMDIWindowA
CreateIconFromResourceEx
CreateDesktopA
CreateCursor
CharUpperA
ChangeMenuA
DrawTextA

shell32

SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
ShellExecuteExA
ShellExecuteExW
Shell_NotifyIconA
SHBindToParent

shlwapi

PathCanonicalizeA
PathCompactPathExA
PathFileExistsA
StrStrIA
PathMatchSpecA
PathIsRootA
PathIsDirectoryA
PathFindExtensionA
PathAppendA

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetCompositionStringW

msvcrt

vsprintf
__set_app_type
_errno
fflush
getenv
malloc
memcpy
memmove
memset
rand
realloc
sprintf
sscanf
strcmp
strlen
__dllonexit

oleaut32

SysAllocStringLen
SysStringLen
VariantChangeTypeEx
VariantClear
LoadTypeLib

Exports

Exports

Bnst
Cg
Ddjkit
Hfwyal
Ifybouuq
Iirfjx
Jv
Kttsogp
Ml
Odkjtxf
Sqz
Tiuvguvgc
Wrlsba
Zfx

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eeeed78bfe70268307271b151d937122

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

user32

shell32

shlwapi

imm32

msvcrt

oleaut32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 24KB

.rdata Size: 29KB - Virtual size: 32KB

.data Size: 32KB - Virtual size: 32KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 23KB - Virtual size: 24KB

.rdata
Size: 29KB - Virtual size: 32KB

.data
Size: 32KB - Virtual size: 32KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB