5a90d4a63737256fa5a93f8342e94cf93002062def692df122f3fa4a3bcf6841

General

Target

5a90d4a63737256fa5a93f8342e94cf93002062def692df122f3fa4a3bcf6841
Size

90KB
MD5

4efda71b5a11301f4c4e70d8692f4f00
SHA1

e3e266f9b0d928276b5f880a48e412720f67c92a
SHA256

5a90d4a63737256fa5a93f8342e94cf93002062def692df122f3fa4a3bcf6841
SHA512

1d9f0a52f83e6ee0f2a209ce8a1a73161b3a6a05d7300a3206b4624d7b04fce66f7e778a3c2c96b48e21635a95f5cff938e31fec6b1b9e07b0fd7f09334f612b
SSDEEP

1536:tHKDAX2/w3m9jbXhaWVozXnbBEGjc4XaS4YxxMXQwGCDoas6:toS2Y0jzh5HKtKqxCDl3

Score

N/A

Malware Config

Signatures

Files

5a90d4a63737256fa5a93f8342e94cf93002062def692df122f3fa4a3bcf6841
.dll windows x86

3d2986ec01f2679a95306199775b5f8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

raeay32

ord808
ord961
ord275
ord276
ord790

kernel32

SetUnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
DisableThreadLibraryCalls
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LoadLibraryA
GetProcAddress
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
UnhandledExceptionFilter

msvcr90

_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
_decode_pointer
_crt_debugger_hook
__clean_type_info_names_internal
memset
__dllonexit
_lock
_onexit
_except_handler4_common
_encoded_null
free
_malloc_crt
_encode_pointer
_time64
srand
rand
sprintf
memcpy
__CppXcptFilter
_unlock

Exports

Exports

_rat_GetCosFuncs

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d2986ec01f2679a95306199775b5f8a

Headers

DLL Characteristics

File Characteristics

Imports

raeay32

kernel32

msvcr90

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 1KB - Virtual size: 1KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 1KB - Virtual size: 1KB

.rmnet
Size: 56KB - Virtual size: 60KB