4b9822db2b78368314acf44754b2f295b34b91a0b2d88a14e3d20b1c8b1d2c87

Sharing

Copy URL Twitter E-mail

General

Target

4b9822db2b78368314acf44754b2f295b34b91a0b2d88a14e3d20b1c8b1d2c87
Size

2.5MB
MD5

4300116d94558661b5d8fbf498e4f716
SHA1

cb452465689c497516725cf935d9c86e0c475d9b
SHA256

4b9822db2b78368314acf44754b2f295b34b91a0b2d88a14e3d20b1c8b1d2c87
SHA512

7c3f92c7ad778c603cd2c6b5d18e4ea214868df9b9f03d5aecf566a14359493fef5f74c2367029c8ec4e5a6daa3f481926066b48030ee36019431ac251c13a5d
SSDEEP

49152:SSfXazDLrO4j7IHRA+jgnCwheysXdiNoSn+BwAwXcITOUiBAgPOiQlr:SSvazXr1/OA+LwEXdcoSnCwhXcIsfWiu

Score

N/A

Malware Config

Signatures

Files

4b9822db2b78368314acf44754b2f295b34b91a0b2d88a14e3d20b1c8b1d2c87
.dll windows x86

8c61c9949261fdb351dcf6b41cb218d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CreateDirectoryA
FindFirstFileA
GetLastError
FindClose
GetPrivateProfileIntA
WritePrivateProfileStringA
GetLocalTime
GetModuleFileNameA
QueryPerformanceCounter
Sleep
CloseHandle
InterlockedIncrement
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCurrentThreadId
GetCommandLineA
HeapAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
RaiseException
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
ReadFile
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
ExitProcess
SetFilePointer
RtlUnwind
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
InterlockedExchange
LoadLibraryA
CreateFileA
GetLocaleInfoW
SetEndOfFile
GetProcessHeap
CreateFileW
GetModuleHandleA

Exports

Exports

create_phonic_utool

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8c61c9949261fdb351dcf6b41cb218d8

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 2.1MB - Virtual size: 2.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 15KB

.text Size: 108KB - Virtual size: 108KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 15KB

.text
Size: 108KB - Virtual size: 108KB

.text
Size: 108KB - Virtual size: 108KB