b176c00fbaec3a92105dd6f4f3f639a8970174d1948b2b92728c902bc58097cb

Sharing

Copy URL

Twitter E-mail

General

Target

b176c00fbaec3a92105dd6f4f3f639a8970174d1948b2b92728c902bc58097cb
Size

294KB
MD5

646d17bbd59481426d6a62c1574452de
SHA1

0759ed6d5a9f14d71ac204183fcf01017e8b7b55
SHA256

b176c00fbaec3a92105dd6f4f3f639a8970174d1948b2b92728c902bc58097cb
SHA512

9b2d97e310728f5bea330cd825c07431ed47b31e4e93dc7a2c03981584eb83198039721f8327ac07d041ba72573e6b32bca73fdd9fbf89f7d9b59d8218cc8ccf
SSDEEP

6144:ytRBPLMYJkExHjTt+g0QPekyswLCwuSr08hKZFXZoMq3L:EPLMNWjTh0igTx9nXMOL

Score

N/A

Malware Config

Signatures

Files

b176c00fbaec3a92105dd6f4f3f639a8970174d1948b2b92728c902bc58097cb
.dll windows x86

d60b153f709d700da7d7bd3b409f8773

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
lstrcmpA
OutputDebugStringA
lstrlenA
TlsSetValue
GetCurrentThreadId
InterlockedDecrement
HeapAlloc
VirtualFree
HeapCreate
WriteFile
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
GetOEMCP
GetACP
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
GetCPInfo
SetFilePointer
SetStdHandle
CloseHandle
GetLocaleInfoW
FlushFileBuffers
GetLocaleInfoA
LoadLibraryA
VirtualAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapFree
GetCurrentProcess
lstrcpyA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
ExitProcess
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsFree
SetLastError
GetLastError
SetHandleCount
GetStdHandle

user32

SetRect

ltkrn13n

ord282
ord192
ord196
ord190
ord284
ord134
ord189
ord188
ord125
ord101
ord117
ord100
ord123
ord120
ord191
ord129
ord141
ord283

lvkrn13n

ord202
ord1227
ord101
ord100
ord102
ord302
ord206
ord2100
ord1104
ord1504
ord1500
ord1218
ord1205
ord1202
ord203
ord208
ord1228
ord1229
ord2110
ord1100
ord1200
ord1201
ord2101
ord400
ord107
ord2300
ord122
ord1106
ord1110

Exports

Exports

DllMain
fltInfo
fltLoad
fltSave

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 206KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d60b153f709d700da7d7bd3b409f8773

Headers

File Characteristics

Imports

kernel32

user32

ltkrn13n

lvkrn13n

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 15KB - Virtual size: 21KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text Size: 206KB - Virtual size: 208KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 15KB - Virtual size: 21KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 206KB - Virtual size: 208KB