ee79a106eb0a2dae2377f6246852d6ce274c698ed5747a39dc6f397f4705b02d

Sharing

Copy URL Twitter E-mail

General

Target

ee79a106eb0a2dae2377f6246852d6ce274c698ed5747a39dc6f397f4705b02d
Size

316KB
MD5

610afeaa7ec9add3b29c12a5052700ed
SHA1

08ba524cb86a1349d31676e09cca6a433da44b54
SHA256

ee79a106eb0a2dae2377f6246852d6ce274c698ed5747a39dc6f397f4705b02d
SHA512

5aee610a2ff2a832870282a890305e5c7b15b2c564cf5dd5d9ecd24f1191f44b8797cdf506abdac610c5d16e40899ce01b8dcc1a2caf3c4699f2c38888779f52
SSDEEP

6144:RXvRU5DVU1sXHUjv5xFMwcWV0gorTWGL+nfSi6eXSs:R5URG1wUjBxSC0TWsWF6fs

Score

N/A

Malware Config

Signatures

Files

ee79a106eb0a2dae2377f6246852d6ce274c698ed5747a39dc6f397f4705b02d
.dll windows x86

6176e2a142653611ab9359df2fd44146

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
WaitForSingleObject
CreateThread
GetTickCount64
VirtualAlloc
GetStdHandle
SetStdHandle
SetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
CreateFileA
CreateFileW
GetDriveTypeW
GetFileAttributesW
SetFileAttributesW
SetUnhandledExceptionFilter
QueryPerformanceCounter
DeviceIoControl
LeaveCriticalSection
ReleaseMutex
GetCurrentProcess
GetCurrentThread
TlsAlloc
TlsGetValue
TlsFree
GetSystemInfo
GetVersion
GetSystemDirectoryW
CreateFileMappingW
FindResourceExW
GetModuleFileNameA
GetProcAddress
LoadResource
FindResourceW
LoadLibraryW
LocalAlloc
lstrcmpiA
lstrlenA
lstrlenW
CreateFileMappingA
SystemTimeToFileTime
GetConsoleCP
ReadConsoleW
WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetProcessHeap
LCMapStringW
GetModuleHandleW
GetTickCount
DecodePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsSetValue
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte

user32

SendMessageA
EndDialog
SystemParametersInfoW
LoadBitmapW
GetWindow
GetSysColor
MapWindowPoints
ScreenToClient
GetWindowTextLengthW
RedrawWindow
GetDC
GetSystemMetrics
SetCapture
GetFocus
GetDlgItemTextW
UnregisterClassA
KillTimer
SetTimer

advapi32

RegCloseKey

ole32

CoCreateGuid
CoInitializeEx

shlwapi

PathFileExistsA
PathFindOnPathA

Exports

Exports

Updt
towerwork
unrhetoricalness

Sections

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6176e2a142653611ab9359df2fd44146

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shlwapi

Exports

Exports

Sections

.data Size: 280KB - Virtual size: 280KB

DATA Size: 4KB - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 8KB - Virtual size: 8KB

.data
Size: 280KB - Virtual size: 280KB

DATA
Size: 4KB - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 8KB - Virtual size: 8KB