ad60b4735a7caf043e60028295a8daf8cfe28f1b7c946230f8b6dd7d98626dca

Sharing

Copy URL Twitter E-mail

General

Target

ad60b4735a7caf043e60028295a8daf8cfe28f1b7c946230f8b6dd7d98626dca
Size

91KB
MD5

76a8b34cbd4a0009c2b31a457c3dbc4f
SHA1

4999249deb9f71758f44ef8b03a57893fd3cf4ec
SHA256

ad60b4735a7caf043e60028295a8daf8cfe28f1b7c946230f8b6dd7d98626dca
SHA512

d9d6260748fe64f5300c1f9df940162058d6f1c4c4846d3d27534b23a53ac916e87e181bff074c903addb987f067d256c5ce2e14d7f1e232be046f5278c7957d
SSDEEP

1536:QB0EIYg6hzk/gKIfSaD2wKt4huxR1AsCcTP8BhODpT95XDgNIM52myfs/L:nEIYgmfKaSU2wKtUmzA2z8vgpg6E7y0/

Score

N/A

Malware Config

Signatures

Files

ad60b4735a7caf043e60028295a8daf8cfe28f1b7c946230f8b6dd7d98626dca
.dll windows x86

1a4e16260c212a75ced6b09db287744a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

vcl680mi

ord2234
ord2359
ord2417
ord2360
ord2283
ord3544
ord3549
ord3311
ord2274
ord2243
ord1091
ord2259
ord1089
ord7357
ord7355
ord7354
ord7356
ord1653
ord2173
ord2174
ord2187
ord2175
ord2597
ord2603
ord3298
ord3644
ord3294
ord3654
ord3293
ord3529
ord3335
ord3530
ord2197
ord2171
ord2177
ord2183
ord388
ord39
ord3444
ord3512
ord3481
ord3507
ord3358
ord3528
ord2594
ord2578
ord379
ord3327
ord2585
ord2588
ord2586
ord2590
ord2589
ord2587
ord2584
ord384
ord3304
ord3341
ord3309
ord3302
ord3340
ord3328
ord1845
ord3338
ord3339
ord1851
ord1844
ord382
ord2580
ord2598
ord1629
ord1601
ord2231
ord2233

tl680mi

ord432
ord433
ord273
ord821
ord812
ord40
ord1745
ord340
ord403
ord404
ord434
ord545
ord511
ord557
ord546
ord504
ord1776
ord1782
ord790
ord561
ord735
ord1777
ord417
ord508
ord566
ord1781
ord419
ord505
ord402
ord405
ord418
ord442
ord365
ord525
ord507
ord518
ord524
ord516
ord575
ord559
ord573
ord416
ord1766
ord1765
ord1719
ord1788
ord1787
ord1754
ord363
ord569
ord603
ord374
ord364
ord576
ord580
ord375
ord1783
ord1779
ord1778
ord1737
ord1736
ord1735
ord1728
ord1727
ord1729
ord1734
ord1738
ord1733
ord1732
ord1731
ord1730
ord1753
ord1755
ord1718

sal3

osl_getThreadTextEncoding

msvcr71

_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
_CIfmod
??2@YAPAXI@Z
??_U@YAPAXI@Z
??_V@YAXPAX@Z
??3@YAXPAX@Z

kernel32

DisableThreadLibraryCalls
GetModuleHandleA
LoadLibraryExA
CreateFileA
ReadFile
CloseHandle
GetModuleFileNameA

Exports

Exports

GetVersionInfo
GraphicImport

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a4e16260c212a75ced6b09db287744a

Headers

File Characteristics

Imports

vcl680mi

tl680mi

sal3

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 2KB - Virtual size: 1KB