d9b28b5aaca06dc140c1a47ef431eee377beaa7cd5a4b100c2ffe211139910e2

Sharing

Copy URL Twitter E-mail

General

Target

d9b28b5aaca06dc140c1a47ef431eee377beaa7cd5a4b100c2ffe211139910e2
Size

584KB
MD5

369f178de9ac2c2b644fd53998b8a9ca
SHA1

4a2b65d995a053c76d5df93f1464b6e9ac4045e9
SHA256

d9b28b5aaca06dc140c1a47ef431eee377beaa7cd5a4b100c2ffe211139910e2
SHA512

83be391923a3eb11a56e61ddf9a296825d8ccd905e2a0941973a3fc76cd93fbde0515d691e6dc142fe6df689ea16e187f8cc193f62e559a70edcd62cbc630681
SSDEEP

12288:ZI7r4tJoO+NenwODBeQ+cBPwhYb5U1Im3pHQCaOOf4:ZirQ+NAgQ+cRDbk9Ih4

Score

N/A

Malware Config

Signatures

Files

d9b28b5aaca06dc140c1a47ef431eee377beaa7cd5a4b100c2ffe211139910e2
.dll windows x86

37fd1af843a65314faa71b24513a0ea3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
LeaveCriticalSection
OutputDebugStringA
EnterCriticalSection
InitializeCriticalSection
TerminateProcess
GetModuleFileNameA
GetModuleHandleA
VirtualQuery
HeapAlloc
GetProcessHeap
SetConsoleTextAttribute
GetStdHandle
GetEnvironmentVariableA
GetConsoleScreenBufferInfo
GetNumberOfConsoleInputEvents
PeekConsoleInputA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
GetLocaleInfoW
SetEndOfFile
SetConsoleCtrlHandler
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CompareStringW
CompareStringA
CreateProcessA
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
LoadLibraryA
FreeLibrary
DeleteCriticalSection
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
GetLastError
CreateDirectoryA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
GetFileAttributesA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentThreadId
GetCommandLineA
GetVersionExA
ExitProcess
RtlUnwind
SetHandleCount
GetFileType
GetStartupInfoA
FatalAppExitA
CloseHandle
WriteFile
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
ReadFile
SetFilePointer
SetEnvironmentVariableW
VirtualProtect
VirtualAlloc
GetSystemInfo
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
InterlockedExchange
FlushFileBuffers
SetStdHandle
CreateFileA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetACP
GetOEMCP
GetTimeZoneInformation
GetExitCodeProcess
WaitForSingleObject
WriteConsoleA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

tier0

GetCPUInformation
?Lock@CThreadMutex@@QAEXXZ
?Lock@CThreadMutex@@QBEXXZ
?DevMsg@@YAXPBDZZ
DevMsg
_AssertValidReadPtr
_AssertValidWritePtr
AssertValidStringPtr
CommandLine_Tier0
Warning
Error
Msg
SpewOutputFunc
g_pMemAlloc

vstdlib

KeyValuesSystem
GetCVarIF

Exports

Exports

CreateInterface

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 64.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

37fd1af843a65314faa71b24513a0ea3

Headers

File Characteristics

Imports

kernel32

advapi32

tier0

vstdlib

Exports

Exports

Sections

.text Size: 256KB - Virtual size: 255KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 8KB - Virtual size: 64.4MB

.reloc Size: 80KB - Virtual size: 79KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 256KB - Virtual size: 255KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 8KB - Virtual size: 64.4MB

.reloc
Size: 80KB - Virtual size: 79KB

.text
Size: 196KB - Virtual size: 196KB