c84bb5eecbf3ea6bf64cb75a3bab710a8262f0384235b0e0bafd725f802d989f

Sharing

Copy URL

Twitter E-mail

General

Target

c84bb5eecbf3ea6bf64cb75a3bab710a8262f0384235b0e0bafd725f802d989f
Size

471KB
MD5

c52e8f3ffa7be2432bb8f6c7b0a70578
SHA1

2e750b9dfa29b96667e45252eb94034bd984dbe6
SHA256

c84bb5eecbf3ea6bf64cb75a3bab710a8262f0384235b0e0bafd725f802d989f
SHA512

96eea68923d63626c5dd224470c32beb6e519831db52a438c9e1d253cf97d10bcb0f3dd5925e7ea23a94a5e863341096c37f25b7d335884ad9af6ed3ebad4087
SSDEEP

6144:umVtjA9X1u1kjIo71pnAtuETnsMZ+aBekhihU4i0emAkp6ShZorLRW+WE+enfi:Z+3jN71h4HTDZ+QeiitizcLZorLR7

Score

N/A

Malware Config

Signatures

Files

c84bb5eecbf3ea6bf64cb75a3bab710a8262f0384235b0e0bafd725f802d989f
.dll windows x64

d40ef14ecac28f632d62aa67486e7391

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mbstowcs
memcpy
_snwprintf
RtlNtStatusToDosError
memmove
strncmp
memcmp
strcmp
_snprintf
memset
StrChrA
StrCmpNA
StrStrIA
PathCombineW
StrStrA
PathFindFileNameW
StrChrW
StrRChrA
StrStrW
CryptUnprotectData
CryptStringToBinaryA
LocalFree
HeapAlloc
HeapFree
SetEvent
Sleep
CreateEventA
HeapDestroy
HeapCreate
GetLastError
GetModuleFileNameA
GetModuleHandleA
CloseHandle
CreateThread
SwitchToThread
FindFirstFileW
lstrlenA
GetCurrentDirectoryW
FindClose
SetCurrentDirectoryW
FindNextFileW
lstrcpyW
WaitForSingleObject
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
OpenProcess
TerminateProcess
SetLastError
Process32FirstW
Process32NextW
lstrcmpiW
CreateToolhelp32Snapshot
GetFileSize
FreeLibrary
LoadLibraryW
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
GetProcAddress
EnterCriticalSection
LoadLibraryA
GetTempPathA
DeleteFileW
GetVersionExA
lstrlenW
OutputDebugStringA
GetCurrentThreadId
ExpandEnvironmentStringsW
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
GetSystemTime
GetDiskFreeSpaceW
LockFileEx
HeapSize
DeleteFileA
AreFileApisANSI
GetTempPathW
FlushFileBuffers
HeapValidate
GetVersionExW
FormatMessageW
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
LockFile
UnlockFile
QueryPerformanceCounter
SystemTimeToFileTime
SetEndOfFile
UnmapViewOfFile
LocalAlloc
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
RegOpenKeyA
RegQueryValueExW
CryptHashData
RegCloseKey
CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CreateStreamOnHGlobal

Exports

Exports

PluginRegisterCallbacks

Sections

.text
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d40ef14ecac28f632d62aa67486e7391

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 402KB - Virtual size: 401KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 8KB - Virtual size: 9KB

.pdata Size: 12KB - Virtual size: 11KB

.bss0 Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 402KB - Virtual size: 401KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 8KB - Virtual size: 9KB

.pdata
Size: 12KB - Virtual size: 11KB

.bss0
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB