870c083adf0da91d4a1d68a2a5bd99431fadd2cbe61da0fceeaab868ca41ff5e

Sharing

Copy URL Twitter E-mail

General

Target

870c083adf0da91d4a1d68a2a5bd99431fadd2cbe61da0fceeaab868ca41ff5e
Size

172KB
MD5

4d599fe95fc844786af4a540d6dc0d10
SHA1

ec4bd51abb3e15705002a09b1af999b0ade8d3b1
SHA256

870c083adf0da91d4a1d68a2a5bd99431fadd2cbe61da0fceeaab868ca41ff5e
SHA512

f10814c9f40b5afaee24cc58a85c987fd1e8f2aef61bb110a06a0f34ba9cc274e99e3db97df33a284c84b3d9841712232d12cfa893cd781e931f832a5884888a
SSDEEP

3072:kYIT5lAl+4D2XKoGET7S0p+lkmNV28gcsHBaVlN8JppLJ5ffC:kf9Gc7As4lN4DJpK

Score

N/A

Malware Config

Signatures

Files

870c083adf0da91d4a1d68a2a5bd99431fadd2cbe61da0fceeaab868ca41ff5e
.dll windows x86

21a54211bbf761bcc3f19a2b4db467e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
lstrcpyA
lstrlenA
GetModuleFileNameA
LoadLibraryA
FreeLibrary
GetProcAddress
lstrcpynA
GetLastError
GetPrivateProfileStringA
IsBadStringPtrA
IsBadWritePtr
GetTickCount
CreateEventA
CloseHandle
GetVersionExA
CancelIo
GetOverlappedResult
WaitForSingleObject
ResetEvent
ReadFile
WriteFile
CreateFileA
RtlUnwind
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr

shlwapi

StrTrimA

Exports

Exports

CreatePort
EnumerateDevices

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

21a54211bbf761bcc3f19a2b4db467e1

Headers

File Characteristics

Imports

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 976B

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 976B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 112KB - Virtual size: 112KB