c267cd2e3ab08361a4f0be6ac5be62d5b12c6e04b8daa0f7540ba33e78d1f196

Sharing

Copy URL

Twitter E-mail

General

Target

c267cd2e3ab08361a4f0be6ac5be62d5b12c6e04b8daa0f7540ba33e78d1f196
Size

104KB
MD5

62ea9aff4ca0477eba862194f567c0bd
SHA1

7ed0070cebe2ab7ba34c2f1038d3c1f7c811f8ab
SHA256

c267cd2e3ab08361a4f0be6ac5be62d5b12c6e04b8daa0f7540ba33e78d1f196
SHA512

2734be12589c22fedb9190ca74a72288ad4f4291fa9cb65c609b838e22583561938d3fd67b565bc50d31465f1243fd4ce05f2707d4547510f406e270cb31c3ae
SSDEEP

1536:4rteV+DvhBfJf/nCwI4QfhRrKHNjf6GDHVy/n6cyXtwmJc8xuTz6+VZAhv9:4r4V+vnh6G4/nyXt3Jc8xuTz6+VZAhv9

Score

N/A

Malware Config

Signatures

Files

c267cd2e3ab08361a4f0be6ac5be62d5b12c6e04b8daa0f7540ba33e78d1f196
.dll windows x86

fc68af4da180eb4e8fe39f47ae6e9bff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnwind
RtlFreeUnicodeString
NtLoadDriver
RtlAnsiStringToUnicodeString
RtlInitAnsiString
NtClose
NtSetSecurityObject
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
NtOpenKey
RtlInitUnicodeString

kernel32

GetCommandLineA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
Sleep
InterlockedExchange
GetSystemDirectoryA
CloseHandle
CopyFileA
CreateMutexA
CreateFileMappingA
MapViewOfFile
MultiByteToWideChar
ReleaseMutex
WideCharToMultiByte
UnmapViewOfFile
DisableThreadLibraryCalls
LoadResource
LockResource
SizeofResource
CreateThread
GetProcAddress
FindResourceA
LoadLibraryA
FreeLibrary
CreateFileA
GetFileSize
ReadFile
GetLastError
WaitForSingleObject
FreeResource
GetModuleHandleA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LCMapStringW
LCMapStringA
SetEndOfFile
HeapFree
VirtualAlloc
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
GetCurrentThreadId
GetThreadLocale
GetVersionExA
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetFilePointer
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
HeapSize
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSection
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RaiseException

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueIndexA
VerQueryValueIndexW
VerQueryValueW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc68af4da180eb4e8fe39f47ae6e9bff

Headers

File Characteristics

Imports

ntdll

kernel32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB