e1936e4453f059b4488246e6095bda8fc8a79c1543f09a5ee976a47971fe8d9b

Sharing

Copy URL Twitter E-mail

General

Target

e1936e4453f059b4488246e6095bda8fc8a79c1543f09a5ee976a47971fe8d9b
Size

484KB
MD5

4411032a2aaa0ea0d19a2c17f3ffca3d
SHA1

90991f2a0eade4f89d9ec7b51f0928527aa5dfba
SHA256

e1936e4453f059b4488246e6095bda8fc8a79c1543f09a5ee976a47971fe8d9b
SHA512

b5ad0a1a5bfdc588a2c46a401281b9b7c213046e86dc9a8f9255f4037e31b23e382c716ac6ec6aa6218ec4542630e8bdd30adb86a7af7124fb971fb0993ea2a3
SSDEEP

6144:QKeMcKZyfo/eA7ARtxi9v6EQyGzrJYELVKYngRnrmIjm347FLfPFsVHDqjT:xeMcayf0ARtjyurJYEhngdrhK3MnFsV6

Score

N/A

Malware Config

Signatures

Files

e1936e4453f059b4488246e6095bda8fc8a79c1543f09a5ee976a47971fe8d9b
.dll windows x86

aba35aefdecab355474258b475e137f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
DeleteFileA
CopyFileA
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
CloseHandle
SetFilePointer
SetHandleCount
GetTempPathA
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
ReadFile
GetProcAddress
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
FlushFileBuffers
CreateFileA
GetCurrentProcessId
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetACP
GetOEMCP
LoadLibraryA
SetEnvironmentVariableA
SetEndOfFile
GetLocaleInfoW

Exports

Exports

BeginYccDecode
BeginYccEncode
EndYccDecode
EndYccEncode
GetYccLine
SetYccLine

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aba35aefdecab355474258b475e137f5

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 220KB - Virtual size: 216KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 24KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 1024B

.reloc Size: 16KB - Virtual size: 14KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 220KB - Virtual size: 216KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 24KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 16KB - Virtual size: 14KB

.text
Size: 196KB - Virtual size: 196KB