200e5c7a1bf960c955e156c9032e5a71c87678311d43c674097eaebca8e68a36

Sharing

Copy URL Twitter E-mail

General

Target

200e5c7a1bf960c955e156c9032e5a71c87678311d43c674097eaebca8e68a36
Size

104KB
MD5

e0066f914e57317f3559b159d02e5750
SHA1

0620e94e7d48a5d0b7dc950af8214feb70d0781a
SHA256

200e5c7a1bf960c955e156c9032e5a71c87678311d43c674097eaebca8e68a36
SHA512

83c6d6637de42d15857f5fc9ddd00fface77e2dbeb7ecd7b8800a9b6be815bc78786c6f7cafc86daaad00b15c16d5d2d0c5e72760832a97f2a2adaf6cb70edcf
SSDEEP

3072:7mKXyPCJi1DrizUwpWteJc8xuTz9P+ZA8/:7JCsEDrMDpsPq/

Score

N/A

Malware Config

Signatures

Files

200e5c7a1bf960c955e156c9032e5a71c87678311d43c674097eaebca8e68a36
.dll windows x86

209a27cb9dc8632bf3912bf24c0f1fee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnwind
RtlFreeUnicodeString
NtLoadDriver
RtlAnsiStringToUnicodeString
RtlInitAnsiString
NtClose
NtSetSecurityObject
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
NtOpenKey
RtlInitUnicodeString

kernel32

GetCommandLineA
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InterlockedExchange
CloseHandle
GetSystemDirectoryA
CopyFileA
CreateMutexA
CreateFileMappingA
MultiByteToWideChar
MapViewOfFile
WideCharToMultiByte
ReleaseMutex
UnmapViewOfFile
LoadResource
DisableThreadLibraryCalls
LockResource
SizeofResource
CreateThread
GetProcAddress
FindResourceA
LoadLibraryA
FreeLibrary
CreateFileA
GetFileSize
ReadFile
GetLastError
WaitForSingleObject
FreeResource
GetModuleHandleA
Sleep
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
VirtualAlloc
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
HeapFree
GetCurrentThreadId
GetThreadLocale
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapSize
WriteFile
GetStdHandle
GetModuleFileNameA
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSection
RaiseException

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueIndexA
VerQueryValueIndexW
VerQueryValueW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

209a27cb9dc8632bf3912bf24c0f1fee

Headers

File Characteristics

Imports

ntdll

kernel32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB