40383cb8cf53f8b9baa508c7e5a7872121d84832131a77107e997cece72e9507

Sharing

Copy URL

Twitter E-mail

General

Target

40383cb8cf53f8b9baa508c7e5a7872121d84832131a77107e997cece72e9507
Size

287KB
MD5

283001766ef46c1740ee882afcdbfdca
SHA1

8ebeed9b7f198979a4700a0f406050c1d32d3c2d
SHA256

40383cb8cf53f8b9baa508c7e5a7872121d84832131a77107e997cece72e9507
SHA512

bf3cc6e35c3347ce631bf25a2d9499a02e1fb8449784ecfbf0e6d84433262c33a3e53c79f6f1b22d44bfc6449050488db28840580f6450acf1591edaa47f863d
SSDEEP

6144:vG2ezOktWfCNv9cvA7Zguu3pJ5BrKa45wz7AOy+LM43CIM:vWqkUfCNvyI3u3p5A5w7g+L5

Score

N/A

Malware Config

Signatures

Files

40383cb8cf53f8b9baa508c7e5a7872121d84832131a77107e997cece72e9507
.dll windows x86

6c4861b61e73e158254766955c036e4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
OpenProcess
Sleep
LoadResource
VirtualProtectEx
GetModuleHandleW
GetSystemTime
QueryPerformanceCounter
GetDateFormatW
OpenMutexW
WriteConsoleW
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
HeapSize
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetEnvironmentVariableW
InitializeCriticalSection
GetModuleFileNameW
EnterCriticalSection
GetVolumeInformationW
FlushFileBuffers
SizeofResource
MultiByteToWideChar
GetLastError
GetStringTypeW
WideCharToMultiByte
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetProcAddress
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapAlloc
HeapReAlloc
HeapFree
GetStdHandle
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

mswsock

GetTypeByNameW
EnumProtocolsW
GetNameByTypeW

psapi

EnumProcessModules
GetDeviceDriverFileNameW
GetDeviceDriverBaseNameW
EnumPageFilesW
EnumProcesses

xolehlp

ord7

imm32

ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmNotifyIME
ImmGetContext

Exports

Exports

Buy
Lastoccur
Passfast
Poundquite

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c4861b61e73e158254766955c036e4f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

version

mswsock

psapi

xolehlp

imm32

Exports

Exports

Sections

.text Size: 194KB - Virtual size: 193KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 5KB - Virtual size: 369KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 194KB - Virtual size: 193KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 5KB - Virtual size: 369KB

.reloc
Size: 12KB - Virtual size: 11KB