f795f9a2e2ee358a4a1ac5b8980be60ea9492e641068e8338ff0daf84260c5a1

Sharing

Copy URL

Twitter E-mail

General

Target

f795f9a2e2ee358a4a1ac5b8980be60ea9492e641068e8338ff0daf84260c5a1
Size

166KB
MD5

6ec76bb7985798b3db9e547b0cc44060
SHA1

81129575d5f4b1db18ad494d5c4ef24cff6ef5c2
SHA256

f795f9a2e2ee358a4a1ac5b8980be60ea9492e641068e8338ff0daf84260c5a1
SHA512

2d58596a79e00ed828e713077688b0053cefdaf5fd4062c070367ad8278e94cd6a16ba40444abfcaf23774811d1502f1f94dd1fb2880adaa3a047587f9252a33
SSDEEP

1536:9cI1e7iPEfxRXqQxPvFE/doYWG9zNWS3Qq5zl5RHar7Ok+ElKZjwSPQ+00OwPFz:9cqE4QxP9E79zNfXxl51027rPZa8geE

Score

N/A

Malware Config

Signatures

Files

f795f9a2e2ee358a4a1ac5b8980be60ea9492e641068e8338ff0daf84260c5a1
.dll windows x86

2ddadac7cf4266d09186be0c5a504db9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenSemaphoreW
FindResourceW
lstrlenA
lstrcatW
LoadLibraryW
GetProcAddress
lstrcpynW
HeapDestroy
lstrcpyW
MultiByteToWideChar
VirtualProtect
GlobalAddAtomW
RegisterWaitForSingleObject
UnregisterWaitEx
WaitForSingleObjectEx
SwitchToThread
CreateEventW
QueueUserWorkItem
SetEvent
OpenProcess
LoadLibraryA
IsBadWritePtr
GlobalDeleteAtom
VerifyVersionInfoW
FreeLibraryAndExitThread
LocalFree
IsBadReadPtr
GlobalFree
GlobalAlloc
LockResource
DeviceIoControl
WideCharToMultiByte
GetComputerNameExW
Sleep
SystemTimeToFileTime
GetSystemTime
FileTimeToSystemTime
GetComputerNameW
WritePrivateProfileStringW
CompareStringW
GetVersionExW
VirtualAlloc
lstrlenW
GetLastError
EnterCriticalSection
GetPrivateProfileStringW
GetModuleHandleW
lstrcmpiW
LocalAlloc
VirtualFree
FindClose
FindFirstFileW
GetSystemTimeAsFileTime
OpenMutexW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
DeleteFileW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
SetErrorMode
SetUnhandledExceptionFilter
OpenEventW
GetSystemDirectoryW
LoadLibraryExW
GetModuleFileNameW
CreateProcessW
FreeLibrary
WaitForSingleObject
CreateFileW
CloseHandle
ReleaseMutex
SetLastError
HeapFree
GetProcessHeap
HeapAlloc
InterlockedExchange
RaiseException

ole32

CoInitialize
StringFromCLSID
CoInitializeEx

msvcrt

wcsstr
swprintf
realloc
malloc
iswalpha
wcstombs
wcscpy
wcstoul
memmove
wcschr
exit
wcslen
wcscmp
wcscat
qsort
wcspbrk
free

rpcrt4

RpcBindingFree
RpcBindingSetAuthInfoExW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcStringFreeW

Exports

Exports

ColumnTheAndInformation
DirectorySyntax
IsForInsensitiveLeading
OfAreLeastAnd
SyntaxLines
ValuesIn

Sections

.text
Size: 102KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 56KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ddadac7cf4266d09186be0c5a504db9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

msvcrt

rpcrt4

Exports

Exports

Sections

.text Size: 102KB - Virtual size: 100KB

.rdata Size: 2KB - Virtual size: 796B

.data Size: 56KB - Virtual size: 157KB

.rsrc Size: 2KB - Virtual size: 960B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 102KB - Virtual size: 100KB

.rdata
Size: 2KB - Virtual size: 796B

.data
Size: 56KB - Virtual size: 157KB

.rsrc
Size: 2KB - Virtual size: 960B

.reloc
Size: 2KB - Virtual size: 1KB