c738d81cf3323d67d0e8bcca4df251c4f10a446d3f326e59adc29ed97d2c20b8

Sharing

Copy URL

Twitter E-mail

General

Target

c738d81cf3323d67d0e8bcca4df251c4f10a446d3f326e59adc29ed97d2c20b8
Size

104KB
MD5

16960888be49bf8a5cc08bfa801a93eb
SHA1

eabf667642cc21d263496f806bb4de5ee86dc90a
SHA256

c738d81cf3323d67d0e8bcca4df251c4f10a446d3f326e59adc29ed97d2c20b8
SHA512

491da78e9d772714d251de8e271155838560412a195365ab3b5d5113cfdea7777f83f9c72010ce2b7a29599c45ddabd4ebf6d26e900061a6219851d718cc3359
SSDEEP

1536:L/mpvtd28MX0SfT+SB5GdzUh+/0w8BA6FLNhGZlH9pJa6QObFk9PwiUishjBZEQd:L/sdMX5Tvi6+/976uHRTHFGwiWlGO

Score

N/A

Malware Config

Signatures

Files

c738d81cf3323d67d0e8bcca4df251c4f10a446d3f326e59adc29ed97d2c20b8
.zip
CIA.less
countrymen.org
gist.eps
gunky.odp
spontaneous.diff
trainmen.rtf
.dll regsvr32 windows x86

718234259262b6907bd87bea0c0904e9

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoRegisterSurrogate
CoRegisterClassObject
CoUninitialize

kernel32

HeapDestroy
CreateEventA
FileTimeToLocalFileTime
GetVersion
LoadLibraryA
ExitProcess
MultiByteToWideChar
GetCurrentProcessId
GetModuleFileNameA
VirtualProtectEx
Sleep
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

DllRegisterServer
Redabove

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

718234259262b6907bd87bea0c0904e9

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 3KB - Virtual size: 87KB

.rsrc Size: 1024B - Virtual size: 992B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 3KB - Virtual size: 87KB

.rsrc
Size: 1024B - Virtual size: 992B

.reloc
Size: 8KB - Virtual size: 7KB