uy[.]bak | Triage

Sharing

Copy URL Twitter E-mail

General

Target

uy.bak
Size

1.4MB
MD5

cec0ff8c313c6a4f30237c55860ec10f
SHA1

326f8d090d33a2c2eae1ead16b99e94771876ad5
SHA256

b1343e2af43f016d3c74ef3913f5bc6dab7bdebdafa6bf5b73494a887afe87ac
SHA512

8446be6ea87dc60d4dfe468a666f0ae494bf65ff7c60aeab75663ecaa20aa820e51bbee391f60d561ebe73a148b6f1f5307a13ec49c0ddca97237163cf82ff9e
SSDEEP

24576:so44gWDRYlWIawoNtci+yxMCtiKe75fOHkNRwZ5ByIJQ8s3NDmTb:7g+RYlotci+yOiiKe54aw5yIJQ88qb

Score

1^/10

Malware Config

Signatures

Files

uy.bak
.dll windows x86

6dd944c7d96f562769d5498bbbdabacc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

LoadTypeLibEx

msvcrt

memset
fsetpos

user32

OffsetRect
GetSystemMetrics
AnyPopup
GetMenuItemRect
BeginPaint
InsertMenuW
GetMessageW
IsWindow

kernel32

LoadLibraryW
GetFileInformationByHandle
ChangeTimerQueueTimer
UnhandledExceptionFilter
SetCommMask
DebugBreak
LocalUnlock
VirtualProtectEx
GetPrivateProfileStructA
GetTapeParameters
LocalLock
FindNextChangeNotification
lstrcpynW
GetModuleFileNameA
GetLastError
GetBinaryTypeA
GetUserDefaultLangID
WaitForSingleObjectEx

shlwapi

ChrCmpIA

ws2_32

socket

advapi32

OpenProcessToken

gdi32

SetTextJustification
CreateHatchBrush
CreateBitmapIndirect
RealizePalette
GetFontLanguageInfo

urlmon

FindMimeFromData

secur32

FreeCredentialsHandle

version

GetFileVersionInfoSizeA
GetFileVersionInfoW

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6dd944c7d96f562769d5498bbbdabacc

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

msvcrt

user32

kernel32

shlwapi

ws2_32

advapi32

gdi32

urlmon

secur32

version

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 40KB - Virtual size: 41KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 18KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 40KB - Virtual size: 41KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 18KB