c1e7bcaa619bd0c234142ce4eee78fe92c57b8ceac6188611cd61cc6aaa74b98

Sharing

Copy URL Twitter E-mail

General

Target

c1e7bcaa619bd0c234142ce4eee78fe92c57b8ceac6188611cd61cc6aaa74b98
Size

140KB
MD5

6d5ce25a9785a9d388e4d15556ba5440
SHA1

17ce25efd9f9ae4f5b079c0ab2362c8dac10ddfb
SHA256

c1e7bcaa619bd0c234142ce4eee78fe92c57b8ceac6188611cd61cc6aaa74b98
SHA512

ce066170ac4cca466e9c7960a92b64c5fffed66b84b94f44245ac3ecc20556eb6e2b5f393022842225388c4049c9e05515116d5877f227a1956e603628d0fc32
SSDEEP

3072:iYddMY/olGWHLk3zB2wfZOo0a540RJuXgo5:nMICGWYoo0m42wg

Score

N/A

Malware Config

Signatures

Files

c1e7bcaa619bd0c234142ce4eee78fe92c57b8ceac6188611cd61cc6aaa74b98
.dll windows x86

4ad28673ca5eacf6d7b5442874c1c5a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegQueryValueExA
RegEnumValueW
RegOpenKeyExA
EqualSid
RegEnumKeyExA
RegQueryValueExW
RegQueryValueW
UnlockServiceDatabase

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

RtlUnwind
GetStringTypeA
LCMapStringW
LCMapStringA
IsValidLocale
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetHandleInformation
VirtualAlloc
GetVersionExW
WriteConsoleW
RaiseException
HeapFree
GetCurrentDirectoryA
GlobalLock
GetStdHandle
GetModuleFileNameA
GetFileType
HeapCreate
CreateDirectoryA
GetCurrentDirectoryW
lstrcpyA
CreateMutexA
GetVersionExA
InterlockedCompareExchange
ExpandEnvironmentStringsA
Sleep
GetTempFileNameA
GetStringTypeW
WideCharToMultiByte
ResumeThread
LeaveCriticalSection
CreateEventA
GetThreadLocale
SetCurrentDirectoryW
GetTempPathA
GetProcessHeap
CreateEventW
CreateFileMappingA
GetConsoleCP
ExitThread
SetPriorityClass
QueryPerformanceCounter
GlobalHandle
SetEnvironmentVariableA
CreateFileW
HeapSize
IsValidCodePage
VirtualQuery
ExitProcess
GetSystemTime
HeapAlloc
GetCommandLineA
GetVersion
HeapDestroy
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
FatalAppExitA
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
MultiByteToWideChar

Exports

Exports

SKUWP

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ad28673ca5eacf6d7b5442874c1c5a2

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 55KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 55KB

.reloc
Size: 12KB - Virtual size: 8KB