e2301b369078e5a190dfcd5c5a491bc81766c6c69fa84492aa1c1afae01a1113

General

Target

e2301b369078e5a190dfcd5c5a491bc81766c6c69fa84492aa1c1afae01a1113
Size

252KB
MD5

42fb9d728acf654223cd6757e5cf9210
SHA1

d63a1f2f59a7bea33402690066b83d942a41f9fc
SHA256

e2301b369078e5a190dfcd5c5a491bc81766c6c69fa84492aa1c1afae01a1113
SHA512

82252c4b923960d767a34a052da80f9753277d7155422ca80a2039458f05aacf68f64d9890764923a633a76aa43f2e0a70e7c8c82b75eac18e16aee473e466cb
SSDEEP

3072:63+ddlDEQfnbE4z+Xd/BX6NlW76l0l49qo8gdbNKyn2Ia+5ygaaJr:5dpXQBXaTCl4VNKynxa+QyJ

Score

N/A

Malware Config

Signatures

Files

e2301b369078e5a190dfcd5c5a491bc81766c6c69fa84492aa1c1afae01a1113
.dll windows x86

74c13f244100d6737646630613996b27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
IsDBCSLeadByte
SetEndOfFile
RtlUnwind
InterlockedDecrement
InterlockedIncrement
HeapAlloc
HeapFree
HeapReAlloc
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
CloseHandle
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetUnhandledExceptionFilter
HeapSize
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
CreateFileA
GetACP
GetOEMCP
LoadLibraryA

Exports

Exports

CreateUIHelper
DestroyUIHelper

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74c13f244100d6737646630613996b27

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 140KB - Virtual size: 136KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 16KB - Virtual size: 20KB

.reloc Size: 16KB - Virtual size: 12KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 16KB - Virtual size: 20KB

.reloc
Size: 16KB - Virtual size: 12KB

.rmnet
Size: 60KB - Virtual size: 60KB