851b35cd0b7c331befc7f7b02f71dd38061f9ab1ed902b0faf82c0a9c27d8348

Sharing

Copy URL

Twitter E-mail

General

Target

851b35cd0b7c331befc7f7b02f71dd38061f9ab1ed902b0faf82c0a9c27d8348
Size

69KB
MD5

4b70c7af1bcf4af4de894302c89ce6c0
SHA1

b70910ab148c3d43d7e00128600727209d827cc8
SHA256

851b35cd0b7c331befc7f7b02f71dd38061f9ab1ed902b0faf82c0a9c27d8348
SHA512

eb3d680f3e15c384c6cc3659ef06a51c905e475dfc004b5d4cfe0333149501053dd1a1d1f883fcbd2811755731060b3574cb0c6bc758dc76ed0080c0e9c405f3
SSDEEP

1536:6soBtEiKchnD2SASD/Vb5RXFGJTHoFV6cRN5zbTznMmS/:6soBtEijD2vQ9pETAJ35zbVA

Score

N/A

Malware Config

Signatures

Files

851b35cd0b7c331befc7f7b02f71dd38061f9ab1ed902b0faf82c0a9c27d8348
.dll windows x86

115d4928d535a43e710a14abaf67d629

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
LocalFree
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcAddress
GetVersionExA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

user32

GetDesktopWindow

shell32

ShellExecuteW

mfc71u

ord581
ord1162
ord1087
ord1079
ord314
ord1170
ord1168
ord1192
ord1115
ord371
ord1093
ord1199
ord1197
ord1033
ord315
ord765
ord1200
ord283
ord899
ord293
ord2311
ord577
ord3383
ord566
ord5096
ord1007
ord2009
ord4320
ord764
ord757
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord3677
ord4032
ord4008
ord6272
ord3795
ord6274
ord2054
ord5579
ord3800
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord2239
ord3942
ord4562
ord5226
ord5209
ord5562
ord3824
ord2531
ord2725
ord2829
ord4301
ord2708
ord2832

msvcr71

?terminate@@YAXXZ
__security_error_handler
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
_onexit
??1type_info@@UAE@XZ
free
_except_handler3
memset
??2@YAPAXI@Z
wcsrchr
wcscat
wcslen
__CxxFrameHandler
_wcsicmp
__dllonexit

Exports

Exports

isProductSupported
launchExtensionHelp
launchExtensionManager
mayLaunchExtensionHelp
mayLaunchExtensionManager

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

115d4928d535a43e710a14abaf67d629

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

mfc71u

msvcr71

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.rmnet
Size: 56KB - Virtual size: 60KB