860589476a74b83dfff2fb7440783d9808247616ffca135f5337412f890a95c1

General

Target

860589476a74b83dfff2fb7440783d9808247616ffca135f5337412f890a95c1
Size

176KB
MD5

6dc054f1c0eb818bcd8bfbcc337fa920
SHA1

bfcdd5fd791846bada77c3976e13e8a29448f105
SHA256

860589476a74b83dfff2fb7440783d9808247616ffca135f5337412f890a95c1
SHA512

82fdb68e9cb3e8a410f47fb00595a1f6184740f0603e2313f750cf2b4692441e54d8ab989e93b21bb745b02cca196f0292bc1fa498446a1ec9ce9e091f3aff2e
SSDEEP

1536:EQSH2AGIJ2aJs6aZ5jE5wuhcBa8yw4KclQBHTxRtHIeidbSn8PJMECdMZ:EtHY42aKZ5Huuc8VDyuntoBhMECaZ

Score

N/A

Malware Config

Signatures

Files

860589476a74b83dfff2fb7440783d9808247616ffca135f5337412f890a95c1
.dll windows x86

6cb7558b3373f084d654354247f46d5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PostQueuedCompletionStatus
GlobalUnWire
SetInformationJobObject
FindClose
CreatePipe
MulDiv
UnmapViewOfFile
DeleteAtom
SetConsoleCtrlHandler
SetMailslotInfo
FileTimeToSystemTime
SetConsoleActiveScreenBuffer
GlobalAlloc
GlobalFree
LocalAlloc
GetNamedPipeHandleStateA
CreateFileMappingW
CreateHardLinkA
AssignProcessToJobObject
GetUserDefaultUILanguage
FindResourceA
_lread
CreateHardLinkW
SetTimerQueueTimer
FindAtomA
SetSystemPowerState
GetComputerNameExA
FindVolumeMountPointClose
CreateDirectoryExW
LocalFree
GetCommMask
EnumSystemLanguageGroupsA
FindClose

advapi32

SetFileSecurityA
CryptSetProviderExW
GetEventLogInformation
SetPrivateObjectSecurityEx
RegEnumKeyExA
RegOpenKeyW
GetSecurityDescriptorControl
SetSecurityDescriptorSacl
ClearEventLogW
SetKernelObjectSecurity
RegDeleteKeyW
RegSaveKeyW
ObjectOpenAuditAlarmA
DuplicateTokenEx
QueryServiceLockStatusA
RegOpenKeyExW
RegQueryInfoKeyW

Exports

Exports

CGIMAMP
CGIMedia
CGIMemoryFilename
CGIPlainExport
CGIProcess
CGISkinControl

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cb7558b3373f084d654354247f46d5e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 24KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 24KB