4a8e25233f255eeaa93cb6053da54b6d084dd10d5918e5f57580ecc5f8359c7d

Sharing

Copy URL Twitter E-mail

General

Target

4a8e25233f255eeaa93cb6053da54b6d084dd10d5918e5f57580ecc5f8359c7d
Size

644KB
MD5

79372d075464d050c3092c87f84e2254
SHA1

6e471c4807a5bcaf17e6778aa8b83a2fbc66a57c
SHA256

4a8e25233f255eeaa93cb6053da54b6d084dd10d5918e5f57580ecc5f8359c7d
SHA512

37b754ef4682e97aa398600b2048e32cc7496965547f0acb4bf4db233e9c12bd52ccffd2e21aa80321226415fde314db79970dcfd22fea46ab3da283c5addb20
SSDEEP

12288:Hfa2TVyD9Tyos+/Kz9WWhehars6znGaVdX59lzrPdXZJrBAn:Hf/RGTyoD/qWWhDrsmVdphXZ

Score

N/A

Malware Config

Signatures

Files

4a8e25233f255eeaa93cb6053da54b6d084dd10d5918e5f57580ecc5f8359c7d
.dll windows x86

c3b909ac04d3e383799566dc32d05dbf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoTaskMemRealloc
CoUninitialize
CoInitializeEx

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegQueryInfoKeyW

kernel32

GlobalAlloc
InterlockedCompareExchange
MultiByteToWideChar
UnhandledExceptionFilter
DeviceIoControl
lstrlenW
InterlockedIncrement
lstrcmpiW
FreeLibrary
ReadFile
GetVersionExA
GetModuleHandleW
GlobalFree
GetCurrentThreadId
SetEvent
DeleteCriticalSection
QueryPerformanceCounter
CreateFileW
GetCurrentProcessId
VirtualAlloc
GetSystemTimeAsFileTime
LocalFree
GetLastError
GetModuleFileNameW
CloseHandle
InterlockedDecrement
InterlockedExchange
WaitForSingleObject
WideCharToMultiByte
GetTickCount
CreateMutexW
Sleep
SetUnhandledExceptionFilter
RaiseException
GetModuleHandleA
TerminateProcess
LocalAlloc
LoadResource
LeaveCriticalSection
InitializeCriticalSection
GetDateFormatA
EnterCriticalSection

shell32

ShellExecuteW

oleaut32

LoadTypeLi
VarUI4FromStr
SysFreeString
SysStringLen
SysAllocString
UnRegisterTypeLi
RegisterTypeLi

Exports

Exports

List_Reverse
Long_AsVoidPtr
ProgramText
set_gray_to_rgb
set_sRGB

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3b909ac04d3e383799566dc32d05dbf

Headers

File Characteristics

Imports

ole32

advapi32

kernel32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 216KB - Virtual size: 215KB

.rdata Size: 116KB - Virtual size: 113KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 156KB - Virtual size: 155KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 216KB - Virtual size: 215KB

.rdata
Size: 116KB - Virtual size: 113KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 156KB - Virtual size: 155KB

.reloc
Size: 12KB - Virtual size: 10KB