87ee1459aa421bec15f4460911994ca710854d4d7cc49301037d839b1211ffe0

Sharing

Copy URL Twitter E-mail

General

Target

87ee1459aa421bec15f4460911994ca710854d4d7cc49301037d839b1211ffe0
Size

629KB
MD5

656727947a3f0c2b69623df6e2b24f20
SHA1

7324010664eff485bf9311a8aaf96c2f2db827eb
SHA256

87ee1459aa421bec15f4460911994ca710854d4d7cc49301037d839b1211ffe0
SHA512

ea96ec4207a9708fb8d01ee119f4ed90c49596817df476a2826816f7a60b940b0301a67312333ecd0d860c967609d1cfbd7e4e67b3eb8822b6572b9157f03737
SSDEEP

12288:M5QMg0OkCyZ+B2t/xsg/NOuPdQ+qiDY+iBy0bcudqcs3CxOfCm7mw2nAjwf:cvg0Ok7Z+B2b/RiBfbcukc4CxOfHljw

Score

N/A

Malware Config

Signatures

Files

87ee1459aa421bec15f4460911994ca710854d4d7cc49301037d839b1211ffe0
.dll windows x86

2d9b1b12bb43479aa00722268b3b4490

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

common

_ZN15CGlobalFunction10GetSettingEPKtS1_Pti
_ZN15CGlobalFunction10SetSettingEPKtS1_S1_
_ZN15CGlobalFunction19MultiByteToWideCharEPKcPtii
_ZN15CGlobalFunction19WideCharToMultiByteEPKtPcii
_ZN15CGlobalFunction20GetUserDataDirectoryEPti
_ZN6JMutex4InitEv
_ZN6JMutex4LockEv
_ZN6JMutex6UnlockEv
_ZN6JMutexC1Ev
_ZN6JMutexD1Ev
_ZN8JLibrary6unloadEv
_ZN8JLibrary7resolveEPKc
_ZN8JLibraryC1EPKc
_ZN8JLibraryD1Ev

trace

TraceSrv_Trace

kernel32

CloseHandle
LoadLibraryA
VirtualAlloc
EnterCriticalSection
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
ReleaseSemaphore
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte

mingwm10

__mingwthr_key_dtor

msvcrt

_fdopen
_fstat
_lseek
_read
_write
__dllonexit
__lc_codepage
__mb_cur_max
_errno
_iob
_isctype
_pctype
abort
atoi
atol
fclose
fflush
fopen
fputc
fputs
fread
free
fseek
ftell
fwrite
getenv
iswctype
localeconv
malloc
memchr
memmove
realloc
setlocale
setvbuf
sprintf
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncmp
strstr
strtol
strxfrm
tolower
toupper
towlower
towupper
wcscoll
wcsftime
wcslen
wcsxfrm

libgcc_s_dw2-1

_Unwind_DeleteException
_Unwind_GetDataRelBase
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__deregister_frame_info
__emutls_get_address
__register_frame_info
__udivdi3
__umoddi3

Exports

Exports

CreatePluginContainer
DestroyPluginContainer

Sections

.text
Size: 409KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d9b1b12bb43479aa00722268b3b4490

Headers

File Characteristics

Imports

common

trace

kernel32

mingwm10

msvcrt

libgcc_s_dw2-1

Exports

Exports

Sections

.text Size: 409KB - Virtual size: 408KB

.data Size: 50KB - Virtual size: 49KB

.rdata Size: 50KB - Virtual size: 50KB

.bss Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 125B

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 96KB - Virtual size: 96KB

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 409KB - Virtual size: 408KB

.data
Size: 50KB - Virtual size: 49KB

.rdata
Size: 50KB - Virtual size: 50KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 125B

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 96KB - Virtual size: 96KB

.reloc
Size: 18KB - Virtual size: 17KB