b6797a3e42e3f3b50b980f857272387c6cbac44328dda41260b481fdd8d19123

Sharing

Copy URL

Twitter E-mail

General

Target

b6797a3e42e3f3b50b980f857272387c6cbac44328dda41260b481fdd8d19123
Size

148KB
MD5

47c43a361a84237118eec4b7dcd59cc0
SHA1

948e93a68d4327162bdd561df8d0cf90a73d46c1
SHA256

b6797a3e42e3f3b50b980f857272387c6cbac44328dda41260b481fdd8d19123
SHA512

db18d96f4a12a2433d7423c1a8df8c2bbbda6abf3ecc775a89a628bcf9becb8f3a885d25df3da1cda1d46085aff87efb8b5f676dc31124f27ac379d8fc9f6127
SSDEEP

3072:PFctbw+7OBuoijGrPAH8JVJDvTB/+ym7IKjqNxT:e7DGrCK5d/+TcKj8x

Score

N/A

Malware Config

Signatures

Files

b6797a3e42e3f3b50b980f857272387c6cbac44328dda41260b481fdd8d19123
.dll windows x86

028671ee99a1ece96d9d3f10b23e770f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
FindClose
GetPrivateProfileStringA
CreateDirectoryA
CopyFileA
FindNextFileA
FindFirstFileA
GetFileAttributesA
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
ExitProcess
GetLastError
WideCharToMultiByte
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InitializeCriticalSection
InterlockedExchange
VirtualQuery
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

CreatePluginManager
CreateScanEngine

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

028671ee99a1ece96d9d3f10b23e770f

Headers

File Characteristics

Imports

version

kernel32

advapi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

.rmnet
Size: 60KB - Virtual size: 60KB