cad8b91e41e3657794477697624b7459d50a14adb22daab6a50b109d928f2deb

General

Target

cad8b91e41e3657794477697624b7459d50a14adb22daab6a50b109d928f2deb
Size

241KB
MD5

6ebcdeb80c7c56484addfa1285bb0810
SHA1

cfb5d0eec4cdbdc3ecc11d22b078b784ec04d632
SHA256

cad8b91e41e3657794477697624b7459d50a14adb22daab6a50b109d928f2deb
SHA512

c1a941650fe85eed6b19ce35442b9488bff57972baf761301bd6ff6ad87601e7495f58b8e0482af0396b3fd2cf6488bb788127aeae420f7bce5a98347e9c3e4f
SSDEEP

3072:WEJrtYqi3tKuhSqEOZVl65iS5WCkNXIThUBV8gcqrtz4wtqbxbobafBOJ1GEMA:1rtK3wuhSNF/5OITe8HqrF41ZwHKEMA

Score

N/A

Malware Config

Signatures

Files

cad8b91e41e3657794477697624b7459d50a14adb22daab6a50b109d928f2deb
.dll windows x86

b372a215441d2a50124690a777faddb8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
lstrcpynW
HeapDestroy
LeaveCriticalSection
lstrcmpiW
MultiByteToWideChar
GetSystemInfo
VirtualAlloc
VirtualProtect
CreateEventW
lstrlenW
FreeLibrary
EnumResourceLanguagesW
GetThreadLocale
FindResourceExW
lstrcatW
LockResource
GetLocaleInfoW
lstrcmpW
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
UnhandledExceptionFilter
QueryPerformanceCounter
LocalFree
DisableThreadLibraryCalls
GetConsoleTitleW
GetConsoleCP
VirtualLock
OutputDebugStringW
lstrlenA
SizeofResource
GetLastError
CreateFileMappingW
WaitForSingleObject
FindResourceW
SetEvent
LoadLibraryA
InterlockedExchange
GetProcAddress
LocalAlloc
RaiseException

advapi32

RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegEnumValueW
GetUserNameW

ole32

CoTaskMemFree
CoQueryClientBlanket
CoTaskMemRealloc
CoTaskMemAlloc

msvcrt

swprintf
sprintf
wcstombs
wcscmp
wcsncpy
wcschr
free
wcscat
wcscpy
malloc

Exports

Exports

MechanismUpdateThe

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b372a215441d2a50124690a777faddb8

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 10KB - Virtual size: 234KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 10KB - Virtual size: 234KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB