9d861b689c00946610224ca7ba7fa6f4478f39973a54cb8ad70cd46b20914672

General

Target

9d861b689c00946610224ca7ba7fa6f4478f39973a54cb8ad70cd46b20914672
Size

119KB
MD5

6042fdc00e55258c5f30aa973e2bf001
SHA1

4c4416a991d62cc919a890f5dbe8c70fa199ccb9
SHA256

9d861b689c00946610224ca7ba7fa6f4478f39973a54cb8ad70cd46b20914672
SHA512

2e82e82d74c0c1a55584e940dc676d83abb1f6e2e31aa043c5c12054c85c04dde6bfbacd0e58932a5de1d2f741900bc789c5e33d3e2edfeb3689aaf67413b34c
SSDEEP

3072:x2Vcux8IoukBa9z2iZ0F+SCYmNx3Q9hU5Bn2eoqDnM:cJuTa9M+SCYmNx3Q9W

Score

N/A

Malware Config

Signatures

Files

9d861b689c00946610224ca7ba7fa6f4478f39973a54cb8ad70cd46b20914672
.dll windows x86

46aec79e5cf2b251939008c3122c3857

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
CopyFileA
GetTempFileNameA
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapCreate
HeapDestroy
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetLastError
CloseHandle
WriteFile
ReadFile
SetFilePointer
SetHandleCount
GetFileType
GetStdHandle
DeleteFileA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
SetStdHandle
FlushFileBuffers
CreateFileA
GetStringTypeA
GetStringTypeW
LoadLibraryA
SetEndOfFile

Exports

Exports

xitl_dic_end
xitl_dic_extract_pat
xitl_dic_init
xitl_dic_ref
xitl_dic_ref_head
xitl_dic_ref_keycode
xitl_dic_ref_keycode_head
xitl_dic_ref_keycode_no
xitl_dic_ref_no
xitl_dic_register
xitl_dic_remove

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 507B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46aec79e5cf2b251939008c3122c3857

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 512B - Virtual size: 507B

.data Size: 5KB - Virtual size: 10KB

.idata Size: 65KB - Virtual size: 65KB

.rsrc Size: 1024B - Virtual size: 948B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 512B - Virtual size: 507B

.data
Size: 5KB - Virtual size: 10KB

.idata
Size: 65KB - Virtual size: 65KB

.rsrc
Size: 1024B - Virtual size: 948B

.reloc
Size: 3KB - Virtual size: 2KB