3339b6583d38272cebd9ebfb71b3b0d582111dd144bad01574f6301e66df3249

Sharing

Copy URL

Twitter E-mail

General

Target

3339b6583d38272cebd9ebfb71b3b0d582111dd144bad01574f6301e66df3249
Size

1.6MB
MD5

230191db3261029a7a170936d783ed59
SHA1

54bf5e9e7d0e84e9eaa9539f109b165df55e72c9
SHA256

3339b6583d38272cebd9ebfb71b3b0d582111dd144bad01574f6301e66df3249
SHA512

6fac72dd92550dfc29a7c86cc7fb45d49649874908021eab652f308431323191a21c618008cb9c57a47be3cf5e2105f003b7ac142f3029febe100ed83a149d16
SSDEEP

49152:wOJxFJUQnAwGUmLN0LFJo3jdqVWuGqC+ji:wSaQm6I8

Score

N/A

Malware Config

Signatures

Files

3339b6583d38272cebd9ebfb71b3b0d582111dd144bad01574f6301e66df3249
.dll windows x86

e53f28d36fe7676c0435424bfbdb4491

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekNamedPipe
GetCurrentThread
Sleep
GetEnvironmentVariableA
GetShortPathNameA
ResetEvent
OpenMutexA
FindFirstChangeNotificationA
CreateMutexA
VirtualProtect
DuplicateHandle
GetTempPathA
DeleteFileA
CloseHandle
CreateFileW
FlushFileBuffers
WriteConsoleW
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
HeapReAlloc
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
HeapAlloc
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
GetProcessHeap
ExitProcess
GetModuleHandleExW
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetStdHandle
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteFile
GetModuleFileNameW
LoadLibraryExW
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle

sensapi

IsNetworkAlive

sfc

SfcIsFileProtected

Exports

Exports

Neighbor

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e53f28d36fe7676c0435424bfbdb4491

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

sensapi

sfc

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 184KB - Virtual size: 183KB

.data Size: 6KB - Virtual size: 71KB

.rsrc Size: 1024B - Virtual size: 768B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 184KB - Virtual size: 183KB

.data
Size: 6KB - Virtual size: 71KB

.rsrc
Size: 1024B - Virtual size: 768B

.reloc
Size: 8KB - Virtual size: 7KB