582ffce90aafada9ad2a009b2ea5b13dc6242f69ca751246671c6513fc0ff6cd

General

Target

582ffce90aafada9ad2a009b2ea5b13dc6242f69ca751246671c6513fc0ff6cd
Size

228KB
MD5

4b4f7079b14c977e119701cc04b22d40
SHA1

319dcc3f4eb5c176362047d1db7fedae5067235c
SHA256

582ffce90aafada9ad2a009b2ea5b13dc6242f69ca751246671c6513fc0ff6cd
SHA512

fde89fab16675420ea2e99afcd0831e491e61437f229094b04d951a43b1117d2b806be3829992bdec9ef822d8b410c7e20c88844dbb01f16a3433f11ef00db30
SSDEEP

3072:SUjnWAaFFnnA913sIhCNTFKcjxLbwSpUHtGcOHRjze6tPmuxAa7Dhrf0hfmvCfG:SuWAaFFnA9RsIhBcCWRjHmwAavQf+Cu

Score

N/A

Malware Config

Signatures

Files

582ffce90aafada9ad2a009b2ea5b13dc6242f69ca751246671c6513fc0ff6cd
.dll windows x86

20952b3a73aadebe8dd26a1e9ac310c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

_initterm
_adjust_fdiv
_onexit
__dllonexit
??2@YAPAXI@Z
printf
sprintf
malloc
free
_vsnprintf
realloc
??3@YAXPAX@Z
_purecall
_putenv
atoi
strstr
atol
atof
strrchr
_ftol
rand
strchr
_stricmp
memmove

kernel32

GetVersion
InterlockedIncrement
GetTickCount
GetVersionExA
GetSystemInfo
GetProcAddress
FreeLibrary
SetErrorMode
LoadLibraryA
GetLocaleInfoA
InterlockedDecrement
GetWindowsDirectoryA
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte

user32

CharPrevA
CharNextA
GetSystemMetrics
CharUpperA
GetClassNameA
GetParent
PostMessageA

advapi32

RegSetValueExA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyA
RegSetValueA
RegOpenKeyA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA

Exports

Exports

RMACreateInstance
SetDLLAccessPath

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

20952b3a73aadebe8dd26a1e9ac310c1

Headers

File Characteristics

Imports

pncrt

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 8KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 8KB

.rmnet
Size: 60KB - Virtual size: 60KB