35c544cb6a43c2980853530d00a3547532fca11aca38cf9f4c7308d1a4f773b1

Sharing

Copy URL Twitter E-mail

General

Target

35c544cb6a43c2980853530d00a3547532fca11aca38cf9f4c7308d1a4f773b1
Size

584KB
MD5

d60a167006bdc5ce572890f01de1f207
SHA1

32beb290644c99e8c08e12d9bd1dc9532906b493
SHA256

35c544cb6a43c2980853530d00a3547532fca11aca38cf9f4c7308d1a4f773b1
SHA512

8cf5a06f1da736fa7c2f5d3dc83609586a3f40c2312b3e0e0c65f7801dbd0e13e3c5a467d18ec970083351089b66f996a672df3719811da5d5242ae31c671e29
SSDEEP

6144:iQ218cIxd33yBWkBG571V4sOYQ5kfoRsEiHpYOysihYRRHK+YZ6GQtR7U1DtAO0r:i18Zdy25csOYQC3HpF5Rq+06GQtaDt

Score

N/A

Malware Config

Signatures

Files

35c544cb6a43c2980853530d00a3547532fca11aca38cf9f4c7308d1a4f773b1
.dll windows x86

293a9564c60db2767ced380d0efc1a4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

pthreadvc2

pthread_mutex_init
pthread_cond_init
pthread_cond_wait
pthread_mutex_lock
pthread_cond_broadcast
pthread_mutex_unlock
pthread_mutex_destroy
pthread_cond_destroy
pthread_num_processors_np
pthread_create
pthread_join

ws_log

ord2
ord1

ws_utility

cpu_num_processors

kernel32

GetProcessHeap
SetEndOfFile
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
MoveFileA
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
RaiseException
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
DeleteFileA
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
CloseHandle
MultiByteToWideChar
ReadFile
SetFilePointer
RtlUnwind
LoadLibraryW
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapSize
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

GetEncoders

Sections

.text
Size: 369KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

293a9564c60db2767ced380d0efc1a4e

Headers

File Characteristics

Imports

pthreadvc2

ws_log

ws_utility

kernel32

Exports

Exports

Sections

.text Size: 369KB - Virtual size: 368KB

.rodata Size: 512B - Virtual size: 312B

.rdata Size: 182KB - Virtual size: 182KB

.data Size: 15KB - Virtual size: 38KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 369KB - Virtual size: 368KB

.rodata
Size: 512B - Virtual size: 312B

.rdata
Size: 182KB - Virtual size: 182KB

.data
Size: 15KB - Virtual size: 38KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 14KB - Virtual size: 14KB