e3f17cd34c88fa32faed3be28b9002e958f8f29b72c2d91f802d41c7c0ab7e1b

Sharing

Copy URL Twitter E-mail

General

Target

e3f17cd34c88fa32faed3be28b9002e958f8f29b72c2d91f802d41c7c0ab7e1b
Size

224KB
MD5

15be12db4f860c841164053c0b2354a0
SHA1

89fb1cea82df2bbfcef7c1876d75e8e046359ca1
SHA256

e3f17cd34c88fa32faed3be28b9002e958f8f29b72c2d91f802d41c7c0ab7e1b
SHA512

04be7275ac089d1af3c67eb2727d626244ff8672bfe77cdec0463c0443ee58654be88fc341516507a63b3c6349a1530c167192a07cf0cfa56651200c415f442f
SSDEEP

6144:jUYpkd1yp+vqsIkz7RCSgG6cXjA0ZuO0:RkzypIbdBTXjRL0

Score

N/A

Malware Config

Signatures

Files

e3f17cd34c88fa32faed3be28b9002e958f8f29b72c2d91f802d41c7c0ab7e1b
.dll windows x86

dd8ba451adc29c6b21b8f8a2d4af29a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
InterlockedCompareExchange
GetTickCount
Sleep
CreateFileA
WriteFile
FileTimeToSystemTime
FindFirstFileA
GetLocalTime
FindNextFileA
GetCurrentThreadId
OutputDebugStringA
CloseHandle
DeleteFileA
SetEvent
CreateEventA
GetLastError
TerminateThread
CreateThread
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
WaitForSingleObject
CreateEventW
WaitForMultipleObjects
SignalObjectAndWait
ResetEvent
InterlockedExchangeAdd
CreateMutexA
ReleaseMutex
VirtualQuery
GetModuleFileNameA
SetEndOfFile
ReadFile
GetModuleHandleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineA
RaiseException
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
GetStdHandle
WideCharToMultiByte
GetTimeZoneInformation
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
HeapSize
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetProcessHeap

ole32

CoInitialize
CoUninitialize
CoCreateGuid

shlwapi

PathIsDirectoryA

Exports

Exports

GDP_manager
destroy

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd8ba451adc29c6b21b8f8a2d4af29a5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 9KB - Virtual size: 22KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 9KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 9KB - Virtual size: 22KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 9KB

.rmnet
Size: 56KB - Virtual size: 60KB