e4df895cf0f837e533e1890145ec06e2f08d59c40b8a4e64238e81860a00e791

Sharing

Copy URL Twitter E-mail

General

Target

e4df895cf0f837e533e1890145ec06e2f08d59c40b8a4e64238e81860a00e791
Size

456KB
MD5

0a855159539f15dc8663fb9e7b6ac15a
SHA1

fdd83c73b505f0c272bafa7f8e945b00eeedc847
SHA256

e4df895cf0f837e533e1890145ec06e2f08d59c40b8a4e64238e81860a00e791
SHA512

dd73ff5ed21a27f8e4b3174a15f8fcd790955fe620122f706cd17402c5156df80ffe2628ac54f0d77da6f5c1c3f619f06ffce19a273c5fa3344580f1c5df5c8a
SSDEEP

12288:2NxqVcFfI6gT1JsIwzAd3gZrLyICLRoqIzhP:GIcFQ6gTfwwgZXyuRp

Score

N/A

Malware Config

Signatures

Files

e4df895cf0f837e533e1890145ec06e2f08d59c40b8a4e64238e81860a00e791
.dll windows x64

57e85ae55c00a26e06aca4a4599c63ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

_snwprintf
strcmp
memcmp
memmove
RtlNtStatusToDosError
memset
memcpy
strncmp
StrStrIA
StrCmpNA
StrToIntExA
StrChrW
PathCombineW
PathFindFileNameW
StrChrA
FlushFileBuffers
HeapValidate
GetVersionExW
lstrlenW
HeapAlloc
HeapFree
SetEvent
Sleep
CreateEventA
HeapDestroy
HeapCreate
GetLastError
CloseHandle
CreateThread
SwitchToThread
FindFirstFileW
FindClose
FindNextFileW
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsW
GetFileSize
FreeLibrary
WaitForSingleObject
LoadLibraryW
GetTempPathW
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
GetProcAddress
EnterCriticalSection
LoadLibraryA
FormatMessageW
InitializeCriticalSection
DeleteFileA
AreFileApisANSI
GetSystemTime
GetTempPathA
GetCurrentProcessId
OutputDebugStringA
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
WriteFile
CreateFileMappingW
CreateFileMappingA
GetDiskFreeSpaceW
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
HeapSize
GetVersionExA
LeaveCriticalSection
DeleteFileW
LocalAlloc
LocalFree
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
SystemTimeToFileTime
QueryPerformanceCounter
UnlockFile
LockFile
OutputDebugStringW
GetTickCount
LockFileEx
SHGetFolderPathW
CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx
CryptBinaryToStringW
CryptStringToBinaryA
CryptUnprotectData

Exports

Exports

PluginRegisterCallbacks

Sections

.text
Size: 391KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57e85ae55c00a26e06aca4a4599c63ca

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 391KB - Virtual size: 390KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 8KB - Virtual size: 9KB

.pdata Size: 12KB - Virtual size: 11KB

.bss0 Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 391KB - Virtual size: 390KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 8KB - Virtual size: 9KB

.pdata
Size: 12KB - Virtual size: 11KB

.bss0
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB