d245452ca571f4855e09a330cf195ca218406052a8add1c125734d51d97a4ab1

Sharing

Copy URL Twitter E-mail

General

Target

d245452ca571f4855e09a330cf195ca218406052a8add1c125734d51d97a4ab1
Size

896KB
MD5

01928840ffb15e5791c4543229084210
SHA1

00d4ff5c741a30b9de6bc14e744bb65d01918a85
SHA256

d245452ca571f4855e09a330cf195ca218406052a8add1c125734d51d97a4ab1
SHA512

f5d5b45bf6093b3ee4a5992b258007170265086836f46a17c0eb101b68d93972b85d715a13c8ab19b51ebd362115f432e367eba10393429a6add5bd01b1e7849
SSDEEP

12288:AxKs9Mw41RsDWqB+sBPmARP/iafZjCSY5oEhTke/RzMMu/QFffnmxR4XM:sKvvE1AsBFRPKSESYHee/bTmxRkM

Score

N/A

Malware Config

Signatures

Files

d245452ca571f4855e09a330cf195ca218406052a8add1c125734d51d97a4ab1
.dll windows x86

b7b09c301a21f4d2495be61f4bb0bc6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__mb_cur_max
fgetpos
fseek
realloc
_isctype
_pctype
strtol
strchr
strrchr
strncat
ctime
fopen
vfprintf
fclose
toupper
_getpid
wcslen
_iob
fprintf
sscanf
_mbsupr
_beginthreadex
strncpy
sprintf
_putenv
_adjust_fdiv
malloc
_initterm
free
memmove
srand
rand
atoi
atol
getenv
_fcvt
_ftol
pow
time
fread
memcpy
_stricmp

kernel32

RaiseException
GetPrivateProfileIntA
GetPrivateProfileStringA
QueryDosDeviceA
DefineDosDeviceA
lstrcmpA
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
ResetEvent
WaitForMultipleObjects
OpenEventA
IsBadReadPtr
GetModuleHandleA
DisableThreadLibraryCalls
FlushViewOfFile
UnmapViewOfFile
GetTempPathA
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
ReleaseMutex
TerminateThread
GetExitCodeThread
CreateMutexA
SetEvent
GetVersionExA
CreateEventA
GlobalUnlock
OpenFile
GlobalAlloc
GetCurrentProcess
GetCurrentThread
InitializeCriticalSection
GetTickCount
GlobalFree
EnterCriticalSection
GlobalLock
GetOverlappedResult
LeaveCriticalSection
ReleaseSemaphore
OpenSemaphoreA
CreateSemaphoreA
WaitForSingleObject
Sleep
SearchPathA
GetFileSize
DeviceIoControl
LocalFree
LocalAlloc
WriteFile
GetVersion
GetLocalTime
ReadFile
CloseHandle
FindNextFileA
CreateFileA
SystemTimeToFileTime
GetSystemTime
FindClose
FindFirstFileA
GetProcAddress
SetErrorMode
GetLastError
FreeLibrary
LoadLibraryA
GetModuleFileNameA
GetEnvironmentVariableA
GetCurrentProcessId
InterlockedExchange

Exports

Exports

cype_FuncionPrincipal
mncoacan_FuncionPrincipal

Sections

.text
Size: 576KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CONST
Size: 4KB - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b7b09c301a21f4d2495be61f4bb0bc6b

Headers

File Characteristics

Imports

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 576KB - Virtual size: 576KB

CONST Size: 4KB - Virtual size: 80B

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 120KB - Virtual size: 401KB

.reloc Size: 56KB - Virtual size: 55KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 576KB - Virtual size: 576KB

CONST
Size: 4KB - Virtual size: 80B

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 120KB - Virtual size: 401KB

.reloc
Size: 56KB - Virtual size: 55KB

.text
Size: 112KB - Virtual size: 112KB