d7a138a581cc9a48f8e7c2d503e6cb46b2b1632efb50d01b4acc7550b5ac728d

General

Target

d7a138a581cc9a48f8e7c2d503e6cb46b2b1632efb50d01b4acc7550b5ac728d
Size

109KB
MD5

395eaa3b437d7a9f51436504d0fb4190
SHA1

c08de9503995ec4d36253976d4cf5e6e93f1fc45
SHA256

d7a138a581cc9a48f8e7c2d503e6cb46b2b1632efb50d01b4acc7550b5ac728d
SHA512

51422318a94e0150e420ceaced9e1249b92c587d67108c6b700dd936e7cfc481a609b0a0b1f8f5cafc41cee79dbdc52cc831aac917e0b64de241461a160aa7db
SSDEEP

3072:ljTRp0gacUY75/4e2cvG2BLwre4GfcqvYLb01xX:ljVp05q757M47PxX

Score

N/A

Malware Config

Signatures

Files

d7a138a581cc9a48f8e7c2d503e6cb46b2b1632efb50d01b4acc7550b5ac728d
.dll windows x86

2f1f4ac36dc7afc5c3179984c0d25934

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
TerminateProcess

powrprof

PowerSetActiveScheme
PowerGetActiveScheme
PowerWriteDCValueIndex
PowerWriteACValueIndex
PowerReadDCValueIndex
PowerReadACValueIndex
PowerReadFriendlyName
PowerEnumerate

msvcr80

_decode_pointer
_encoded_null
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
free
_malloc_crt
_encode_pointer
_initterm
memset

Exports

Exports

Backup
Dump
Restore
Set

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 558B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f1f4ac36dc7afc5c3179984c0d25934

Headers

File Characteristics

Imports

kernel32

powrprof

msvcr80

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 432B

.reloc Size: 1024B - Virtual size: 558B

.text Size: 100KB - Virtual size: 100KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 432B

.reloc
Size: 1024B - Virtual size: 558B

.text
Size: 100KB - Virtual size: 100KB