c620c41a5be1ffc3256678ab41948b7af8d99cf50cce811e42687b6a3efbb30b

General

Target

c620c41a5be1ffc3256678ab41948b7af8d99cf50cce811e42687b6a3efbb30b
Size

186KB
MD5

8e0dd55c581d54865fde22191737112e
SHA1

7128a2a5f2b5b0ae11b593025563fb59ee85be1d
SHA256

c620c41a5be1ffc3256678ab41948b7af8d99cf50cce811e42687b6a3efbb30b
SHA512

e4edc20cd43a12330e639e826cf2731d6007cfc6a280ee21902b256fd3275e3c3c45052f0640c020470a9a364768b04cd1ad2901ebef614babb1ed98f2443274
SSDEEP

3072:Q2t/A9dh11TVEY8ENYv5PY8ZCwP1ICDeRII+qT+zm/tI5M1X+MudmWcwM4xBUYhC:QC/+Zvrl8ZVP1IgIIXli1X+5dmWvMYBI

Score

N/A

Malware Config

Signatures

Files

c620c41a5be1ffc3256678ab41948b7af8d99cf50cce811e42687b6a3efbb30b
.dll windows x86

0eea571285bd307bd31dd9cd0de1020c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeviceIoControl
ExitProcess
GetACP
GetCommandLineA
GetDateFormatA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GlobalAddAtomA
HeapAlloc
HeapCreate
HeapReAlloc
IsValidCodePage
IsValidLocale
MultiByteToWideChar
RaiseException
RtlUnwind
SetErrorMode
SetLastError
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
WriteConsoleA
lstrcmpiA
lstrcpynA

user32

GetUserObjectSecurity
DestroyIcon
IntersectRect
SetClassLongA
RegisterWindowMessageA
LoadMenuA
LoadAcceleratorsA
InvalidateRgn
DialogBoxIndirectParamA

winmm

sndPlaySoundA
waveOutGetNumDevs

ole32

CoGetMalloc
CoFileTimeNow
CreateAntiMoniker
CoCreateInstance

advapi32

AddAccessDeniedAce
RegRestoreKeyW
RegEnumKeyExA
LsaGetRemoteUserName
LsaClose
GetAce
ElfBackupEventLogFileA
DuplicateTokenEx
AllocateLocallyUniqueId
AddAuditAccessAceEx
SetSecurityDescriptorRMControl

shlwapi

StrStrA
PathStripPathA

Exports

Exports

DeleteItem
MemcpyToSymbol

Sections

.text
Size: 122KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0eea571285bd307bd31dd9cd0de1020c

Headers

File Characteristics

Imports

kernel32

user32

winmm

ole32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 122KB - Virtual size: 216KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 122KB - Virtual size: 216KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB