e61c53e819ecc0ca9f61f6c33dda797c94f4926bb2a245a35a166a64d84d362c

Sharing

Copy URL

Twitter E-mail

General

Target

e61c53e819ecc0ca9f61f6c33dda797c94f4926bb2a245a35a166a64d84d362c
Size

280KB
MD5

d23331547cde74dd1e2f523fc0e651ad
SHA1

6df573c80533b26cab0329382805e013ba9c0e99
SHA256

e61c53e819ecc0ca9f61f6c33dda797c94f4926bb2a245a35a166a64d84d362c
SHA512

27fc3393e21534ef15d138b912ba46a6a626de3c2977a97c611b48f221888a4ed517151cafcd430f1f0a6504c529d73c124ef0009d0da51d4fa0d8df43330386
SSDEEP

6144:1gNfOsrkdoJnoT8xqiSHbEuDST0Wii1qiB:e5OsQdgnoT8kiSHQumT0W1B

Score

N/A

Malware Config

Signatures

Files

e61c53e819ecc0ca9f61f6c33dda797c94f4926bb2a245a35a166a64d84d362c
.dll windows x86

c91d5a483a5fc235494ad7953554cb7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
HeapAlloc
WaitForSingleObject
GetTimeFormatA
GetProcessHeap
GetWindowsDirectoryA
GetEnvironmentVariableA
LoadLibraryA
OpenMutexA
DeviceIoControl
GetModuleFileNameA
VirtualProtect
GetFileTime
GetCurrentProcessId
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
HeapFree
SetLastError
GetFileType
DeleteCriticalSection
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
HeapReAlloc
LCMapStringW
CreateFileW

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoRevokeClassObject

shlwapi

PathUnquoteSpacesA

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 9.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c91d5a483a5fc235494ad7953554cb7d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

shlwapi

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 128KB - Virtual size: 127KB

.data Size: 21KB - Virtual size: 9.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 128KB - Virtual size: 127KB

.data
Size: 21KB - Virtual size: 9.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB