becf6f5208790bf9e7719f562502112cd2a0c727b83c1d3703f2f2df469c4e62

Sharing

Copy URL

Twitter E-mail

General

Target

becf6f5208790bf9e7719f562502112cd2a0c727b83c1d3703f2f2df469c4e62
Size

202KB
MD5

a249d4e2cab7f930807cf2bf5e8afdee
SHA1

38367f4da2dc0626db57afc5d9c767c9e91a1ba4
SHA256

becf6f5208790bf9e7719f562502112cd2a0c727b83c1d3703f2f2df469c4e62
SHA512

224142c92caee38e27005479c068f3d1078c818aeb119bbca10e4df5ca849937c0beb1c53eabb30e35e8219921bb0d6d481a0b20f1c25f40ff465a8c8007de9e
SSDEEP

6144:nYD0hLV454FmbWoReMcI2fIDf8URkXJY1lV:nYoJEqoRP2fEULO

Score

N/A

Malware Config

Signatures

Files

becf6f5208790bf9e7719f562502112cd2a0c727b83c1d3703f2f2df469c4e62
.dll windows x86

2b15cc9d100046c9b90a2a4705482b44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
_purecall
swprintf
_gmtime64
wcslen
_wcsicmp
wcschr
_except_handler3
memmove
_time64
wcsstr
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
_callnewh
_CxxThrowException
??1type_info@@UAE@XZ
?terminate@@YAXXZ
??3@YAXPAX@Z

msvcp60

?nothrow@std@@3Unothrow_t@1@B

ntdll

wcscpy
wcsncpy
memcmp
memset
_snprintf
_alloca_probe

advapi32

RevertToSelf
SetThreadToken
OpenThreadToken

kernel32

GetCurrentThread
CreateFileMappingA
MapViewOfFile
GetSystemInfo
IsBadReadPtr
VirtualAlloc
UnmapViewOfFile
GetVersion
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
SetLastError
lstrlenA
MultiByteToWideChar
GetModuleFileNameA
InterlockedExchange
GetACP
VirtualProtect
GetThreadLocale
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
GetLastError
CreateMutexW
CloseHandle
WaitForSingleObject
ReleaseMutex
LeaveCriticalSection
EnterCriticalSection
RaiseException
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
GetVersionExA

wldap32

ord14
ord145
ord73
ord165
ord157
ord111
ord26
ord27
ord16
ord208
ord69
ord41
ord142
ord140
ord224
ord36
ord13
ord88

rpcrt4

UuidFromStringW
RpcStringFreeW
UuidToStringW

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit

ole32

CoCreateInstance

netapi32

DsGetDcNameW
NetApiBufferFree

rtutils

TraceRegisterExW
TraceDeregisterW
TraceVprintfExW

Exports

Exports

ServiceMain
L2GPPolicyDataDeleteAll
L2GPPolicyDataRead
L2GPPolicyDataWrite
L2GPPolicyFreeMem
L2GPPolicyStoreClose
L2GPPolicyStoreOpen

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b15cc9d100046c9b90a2a4705482b44

Headers

File Characteristics

Imports

msvcrt

msvcp60

ntdll

advapi32

kernel32

wldap32

rpcrt4

oleaut32

ole32

netapi32

rtutils

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 512B - Virtual size: 460B

.rsrc Size: 167KB - Virtual size: 166KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 512B - Virtual size: 460B

.rsrc
Size: 167KB - Virtual size: 166KB

.reloc
Size: 2KB - Virtual size: 2KB