865c8831bac3a5f9da2e0302919ef7b018e80fec3ef09a70ec7cfbdf8febbac3

Sharing

Copy URL Twitter E-mail

General

Target

865c8831bac3a5f9da2e0302919ef7b018e80fec3ef09a70ec7cfbdf8febbac3
Size

373KB
MD5

6e523a6410ed42e13bd790b82ac49878
SHA1

aab3cb066b7b39d24d73a8eb1562c8a8c68fc43e
SHA256

865c8831bac3a5f9da2e0302919ef7b018e80fec3ef09a70ec7cfbdf8febbac3
SHA512

8ad90674945134dcc1e23a1a35f801c47090b3fe06eab4b486c57912a0e589503e27f7ce5bd91edb5747f2da986533b80d5251aff252e8bcbdeea2e64cfb5a57
SSDEEP

6144:AGsH3nH9gH3xGOp13Je8lJfszLLzIeTPCqzcHH1yZLwr/3FCisL7vYXt+g0QPekT:AGsH3H9i3AZzcHH1yZLwr/wi8QXh0ige

Score

N/A

Malware Config

Signatures

Files

865c8831bac3a5f9da2e0302919ef7b018e80fec3ef09a70ec7cfbdf8febbac3
.dll windows x86

35909b18f3c7071e54375a63f3c53201

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
MulDiv
GetCurrentThreadId
TlsFree
SetLastError
HeapReAlloc
SetEnvironmentVariableA
GetLocaleInfoW
CompareStringA
CompareStringW
GetLocaleInfoA
LoadLibraryA
GetStringTypeA
LCMapStringW
RtlUnwind
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetLastError
SetFilePointer
lstrcpyA
TlsSetValue
TlsAlloc
GetCPInfo
GetStringTypeW
TlsGetValue
WriteFile
ReadFile
CloseHandle
FlushFileBuffers
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleA
RaiseException
GetModuleFileNameA
GetEnvironmentStringsW
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
SetStdHandle
InterlockedDecrement
InterlockedIncrement
LCMapStringA

gdi32

GetNearestPaletteIndex

ltkrn12n

ord272
ord271
ord273
ord192
ord190
ord116
ord189
ord163
ord129
ord134
ord100
ord125
ord137
ord141
ord167
ord188
ord191

Exports

Exports

DllMain
fltComment
fltInfo
fltLoad
fltSave

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 206KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

35909b18f3c7071e54375a63f3c53201

Headers

File Characteristics

Imports

kernel32

gdi32

ltkrn12n

Exports

Exports

Sections

.text Size: 122KB - Virtual size: 121KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 25KB - Virtual size: 30KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

.text Size: 206KB - Virtual size: 208KB

.text
Size: 122KB - Virtual size: 121KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 25KB - Virtual size: 30KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 206KB - Virtual size: 208KB