6f85c3940eb2708c298bd174cdd10de05533f1f413119dd0c1a5d6273dc50c27

Sharing

Copy URL

Twitter E-mail

General

Target

6f85c3940eb2708c298bd174cdd10de05533f1f413119dd0c1a5d6273dc50c27
Size

332KB
MD5

6eb533a1ec4dda90696c85a8a5fca50f
SHA1

07435b8a8014ce0eadc91021a0e149687292bf79
SHA256

6f85c3940eb2708c298bd174cdd10de05533f1f413119dd0c1a5d6273dc50c27
SHA512

fc6365c9e08c0c1d1ed0c15ea0d36b8e53ae14a5dddd4eb521b64e95455d33bb9924be592b2e9f33d96ad66096eb007b5e732fd97c94ee47eaef59c2213c8d39
SSDEEP

6144:vv8PUMn9u7tVwzthzLw1I/u1tHxgIh5nQCrOOOkoH:McM9u7za5U1Im3pHQCaOOfH

Score

N/A

Malware Config

Signatures

Files

6f85c3940eb2708c298bd174cdd10de05533f1f413119dd0c1a5d6273dc50c27
.dll windows x86

beb8de6a45aaed9911ab71f5da2737ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
VirtualQuery
HeapAlloc
GetProcessHeap
CloseHandle
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetProcAddress
GetModuleHandleA
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
LeaveCriticalSection
EnterCriticalSection
LCMapStringA
LCMapStringW
InterlockedExchange
SetFilePointer
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo

tier0

?Lock@CThreadFastMutex@@QCEXI@Z
_AssertValidWritePtr
AssertValidStringPtr
DevMsg
Plat_MSTime
ThreadInMainThread
Warning
Msg
Error
g_pMemAlloc
?DevMsg@@YAXPBDZZ

vstdlib

GetCVarIF

Exports

Exports

CreateInterface

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

beb8de6a45aaed9911ab71f5da2737ae

Headers

File Characteristics

Imports

kernel32

tier0

vstdlib

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 17KB

.reloc Size: 12KB - Virtual size: 9KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 17KB

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 196KB - Virtual size: 196KB