5fc988c40235b772e5909d360780c9365821984bf35d6dc178ee0ad72bc27f8d

Sharing

Copy URL

Twitter E-mail

General

Target

5fc988c40235b772e5909d360780c9365821984bf35d6dc178ee0ad72bc27f8d
Size

288KB
MD5

5f9b863755e1a3bc7a439ff8da19ac33
SHA1

fe847e079b94543ef63a96701e6e566ed8751c6b
SHA256

5fc988c40235b772e5909d360780c9365821984bf35d6dc178ee0ad72bc27f8d
SHA512

73d4f415dd66a7cb7350048210971976c0d0e224d1c8688afaa9ef9592ba6f41f31d19aafc31b788b9a3c58b4f7be222047d60a77d1d6960dff81b63d8c0e2c4
SSDEEP

6144:l22PY6PdkeeM+FSWX3Eu8uHJRydCCdrcbAOUebbjK0Bl0I:lDYSdReMCVX0uHJR4ubi8KsSI

Score

N/A

Malware Config

Signatures

Files

5fc988c40235b772e5909d360780c9365821984bf35d6dc178ee0ad72bc27f8d
.dll windows x86

2792cc41a7f30f4f484c0d9d9e48b502

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
HeapAlloc
GetLocalTime
VirtualProtectEx
LocalFree
CreateSemaphoreW
MoveFileW
Sleep
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
HeapSize
SetStdHandle
GetProcessHeap
HeapWalk
CreateFileW
LocalAlloc
GetTempPathW
GetModuleFileNameW
WriteConsoleW
HeapFree
MultiByteToWideChar
GetLastError
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
GetStdHandle
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW

mswsock

GetTypeByNameW
GetAddressByNameW

psapi

GetDeviceDriverFileNameW
EnumProcessModules
EnumPageFilesW
EnumProcesses
GetDeviceDriverBaseNameW

xolehlp

DtcGetTransactionManagerExW

imm32

ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmNotifyIME
ImmGetContext

Exports

Exports

Insectisland
Majorhappen
Pickfarm
Water

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2792cc41a7f30f4f484c0d9d9e48b502

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mswsock

psapi

xolehlp

imm32

Exports

Exports

Sections

.text Size: 195KB - Virtual size: 194KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 5KB - Virtual size: 352KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 195KB - Virtual size: 194KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 5KB - Virtual size: 352KB

.reloc
Size: 12KB - Virtual size: 11KB