bab2831ebf52b0641176b4d62a4896971bf3a01343791e2bfb3d21cb85f7fc0a

General

Target

bab2831ebf52b0641176b4d62a4896971bf3a01343791e2bfb3d21cb85f7fc0a
Size

84KB
MD5

6c1f14cba99ad0b57f4af7ce670bfce0
SHA1

56b82c666deb9ee9a634d8819a6fdbdb2dbeb8ea
SHA256

bab2831ebf52b0641176b4d62a4896971bf3a01343791e2bfb3d21cb85f7fc0a
SHA512

a765a635a09d37e2562bf1e0f518aa21e6d8ec46c60312d302ca8e68a42783a908ef45af7b5ed5a7dfce2bef88cbeaa3f6a44f7ba2bb6081c15916ade9f024dd
SSDEEP

1536:JzbZKhA7nInt7XRLw1GoIVcrSwtCTT0FvOKZTe0eP:JH8hA7InNXBw1vIfwHvOqTeTP

Score

N/A

Malware Config

Signatures

Files

bab2831ebf52b0641176b4d62a4896971bf3a01343791e2bfb3d21cb85f7fc0a
.dll windows x86

7120f486ddfe548d80b31053100f4702

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
DisableThreadLibraryCalls
FileTimeToSystemTime
GetProcessHeap
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
lstrlenW
VirtualAlloc
VirtualFree
FreeLibrary
LoadLibraryA
TerminateProcess
LocalFree
CreateEventA
SetEvent
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
GlobalMemoryStatus
CreateThread
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
CloseHandle
InterlockedDecrement
InterlockedIncrement
LocalAlloc
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualProtect
GetProcAddress
GetCommandLineA

advapi32

RegOpenKeyExW
RegSetValueExW
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

ole32

CoTaskMemAlloc
CoUninitialize
CoTaskMemFree
StringFromCLSID

msvcrt

wcstok
_adjust_fdiv
_XcptFilter
malloc
free
_except_handler3
wprintf
wcsstr
_initterm
_amsg_exit
memset

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7120f486ddfe548d80b31053100f4702

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

msvcrt

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB