94fa264910b73479d77d38e888a616bf3ef8c71e95d1e6d99f6d74b0c450bddc

Sharing

Copy URL Twitter E-mail

General

Target

94fa264910b73479d77d38e888a616bf3ef8c71e95d1e6d99f6d74b0c450bddc
Size

245KB
MD5

62768bb207f139c8f8ab2ce56e7d5890
SHA1

c31715a1af50d8b77c630cdf5ef6a74ec3d4e02c
SHA256

94fa264910b73479d77d38e888a616bf3ef8c71e95d1e6d99f6d74b0c450bddc
SHA512

4e9670d513d663644b4c1f77b9523389e5faefa915d3f870757d832a57c6c2bf7aea6e6466c7a527dae4221d2909b9d7d7dab3860d26179052b1ae36ae812017
SSDEEP

6144:w6b6OG0X2gqMB1/osxnrr5+VGkDtG2bi4fhLxfzmxQB0dN+:Bb6OG0X2gqMB1/oCrt+VvDE2bi4fhLxp

Score

N/A

Malware Config

Signatures

Files

94fa264910b73479d77d38e888a616bf3ef8c71e95d1e6d99f6d74b0c450bddc
.dll windows x86

7cf5ac3f2afa8727e5a51f52e54c2611

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
EnterCriticalSection
MultiByteToWideChar
FileTimeToSystemTime
SystemTimeToFileTime
lstrcpyA
GlobalFree
GlobalLock
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
FlushFileBuffers
SetStdHandle
LoadLibraryA
SetFilePointer
GetLastError
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetStdHandle
GetFileType
SetHandleCount
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetModuleHandleA
GetProcAddress
GetCommandLineA
HeapFree
WideCharToMultiByte
LeaveCriticalSection
HeapAlloc

ole32

CoTaskMemFree
StgCreateDocfile
StgOpenStorage

ltkrn13n

ord196
ord110
ord111
ord310
ord282
ord283

lffpx7

ord57
ord55
ord58
ord56
ord54
ord50
ord64
ord49
ord60
ord23
ord20
ord36
ord126
ord33
ord31
ord29
ord17
ord66
ord68
ord70
ord72
ord74
ord76
ord140
ord141
ord59
ord61
ord63
ord65
ord67
ord69
ord71
ord73
ord75
ord77
ord2
ord10
ord5
ord7
ord3
ord47
ord53
ord62
ord51

Exports

Exports

DllMain
fltDeletePage
fltEnumDimensions
fltGetComment
fltGetDimension
fltGetStamp
fltGetTransforms
fltInfo
fltLoad
fltSave
fltSetComment
fltSetStamp
fltSetTransforms
fltSizeComment

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 163KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7cf5ac3f2afa8727e5a51f52e54c2611

Headers

File Characteristics

Imports

kernel32

ole32

ltkrn13n

lffpx7

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 7KB - Virtual size: 11KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text Size: 163KB - Virtual size: 164KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 7KB - Virtual size: 11KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 163KB - Virtual size: 164KB