74da4ee11587bcb0bd6b60671cc0b331db8d90f7c0cf7f9e96e64ae1c86bb374

Sharing

Copy URL Twitter E-mail

General

Target

74da4ee11587bcb0bd6b60671cc0b331db8d90f7c0cf7f9e96e64ae1c86bb374
Size

272KB
MD5

ebc0e8b14b3c87783f49fcc7f04a4115
SHA1

1cd7ef7bb5252cd515258cea367b19b32362925a
SHA256

74da4ee11587bcb0bd6b60671cc0b331db8d90f7c0cf7f9e96e64ae1c86bb374
SHA512

759a465af405dfa0a59af5615c96a8b5b96f8a0dead9dbe82dbc830b1a2c7e5357a77d12cf6f180d8341140b813511bd9ef547c0d0e85fea5011cf58e69d8fa1
SSDEEP

3072:n4ppDeNMPVD4Wpjc79ESUk5x3XMwRmqbqg1yKaTqMvmTBfE6Ag0FuArkut6oQQbD:na5ZpSR3vjbepqMvmTBM6AOhxtO

Score

N/A

Malware Config

Signatures

Files

74da4ee11587bcb0bd6b60671cc0b331db8d90f7c0cf7f9e96e64ae1c86bb374
.dll windows x86

a21ac41f2797b57f10bfac8bcc8f2e8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
WriteFile
ReadFile
GetLastError
CloseHandle
GetModuleFileNameA
GetTempPathA
SetEndOfFile
CreateFileA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleA
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
RaiseException
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
Sleep
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetLocaleInfoA
HeapSize
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle

shell32

SHGetSpecialFolderPathA

shlwapi

UrlCombineA
UrlCompareA
UrlCanonicalizeA

Exports

Exports

CreateScanner
DeleteScanner
GetMalTypeInfo
RunScanner

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a21ac41f2797b57f10bfac8bcc8f2e8b

Headers

File Characteristics

Imports

kernel32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 13KB