48c8278e20f5481299f0f13fb9b6adc44c46661e0d1868cc45efa38eefc0d0a2

Sharing

Copy URL Twitter E-mail

General

Target

48c8278e20f5481299f0f13fb9b6adc44c46661e0d1868cc45efa38eefc0d0a2
Size

196KB
MD5

6cb06b404bc3f1d2dfe8aa27cb106540
SHA1

3242fb8d938b4da441c5016d33c5ae4d695dc215
SHA256

48c8278e20f5481299f0f13fb9b6adc44c46661e0d1868cc45efa38eefc0d0a2
SHA512

e8aa182c613f7c581b2db941861b9d52405f7d868c66a2aca9c1d52f04b3b16c02de28482c238fe05946ed2f99f45a772f745c20989f9ab5ce1a748ca2951b1c
SSDEEP

6144:kD1gSjzNPUTNTm70RTe8b5OhH7WbqtTT5wKE2:0NR2K70M8IEbK9

Score

N/A

Malware Config

Signatures

Files

48c8278e20f5481299f0f13fb9b6adc44c46661e0d1868cc45efa38eefc0d0a2
.dll windows x86

a9f2ae2552d90d4a942054a951bdd9ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
Sleep
WaitForSingleObject
CloseHandle
GetFileAttributesA
GetFullPathNameA
CreateMutexA
SetErrorMode
DisableThreadLibraryCalls
LoadLibraryA
GetModuleHandleA
GetSystemDirectoryA
GetCurrentProcessId
GetLastError
GetProcAddress
GetModuleFileNameA
FreeLibrary
GlobalAlloc
GlobalFree

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcr71

?terminate@@YAXXZ
_except_handler3
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
??1type_info@@UAE@XZ
_access
strncpy
isupper
tolower
malloc
calloc
free
_purecall
__CxxFrameHandler
??2@YAPAXI@Z
_CxxThrowException
??0exception@@QAE@ABV0@@Z
memmove
??_U@YAPAXI@Z
??_V@YAXPAX@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??3@YAXPAX@Z
sprintf
_stricmp
_putenv

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

user32

wsprintfA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

RMACreateInstance
RMAShutdown

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a9f2ae2552d90d4a942054a951bdd9ef

Headers

File Characteristics

Imports

kernel32

version

msvcr71

msvcp71

user32

advapi32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 560B

.rsrc Size: 4KB - Virtual size: 768B

.reloc Size: 12KB - Virtual size: 11KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 560B

.rsrc
Size: 4KB - Virtual size: 768B

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 112KB - Virtual size: 112KB