be5b103256bb226d8e2b7ba2a07dd7f9b4f2ea8336aafba50e918a60ce9574f9

Sharing

Copy URL Twitter E-mail

General

Target

be5b103256bb226d8e2b7ba2a07dd7f9b4f2ea8336aafba50e918a60ce9574f9
Size

127KB
MD5

4c965e420b917e6f62c172837cb35b19
SHA1

33e1aff680895329c76607007ccd79096c14fb84
SHA256

be5b103256bb226d8e2b7ba2a07dd7f9b4f2ea8336aafba50e918a60ce9574f9
SHA512

b9908669bfd3652aae3c673a3380c9896a7cc5d038cca997dda59f86256d6a0ca6283de13e47214fdfdbc8972187895113237a8257a3d6c514e6bf76ad1f8746
SSDEEP

3072:EUz4GODdj/yJQLJBaSyc6DkdavE5akQoIY9Lv++rr5iu:EAODd21DkWEkfslr/

Score

N/A

Malware Config

Signatures

Files

be5b103256bb226d8e2b7ba2a07dd7f9b4f2ea8336aafba50e918a60ce9574f9
.dll windows x86

b3b44e3a5d837baa9f135bb63cfe6de5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CreateFileA
CloseHandle
ReadFile
WriteFile
GetProcAddress
DeleteFileA
VirtualAlloc
GetTempPathA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr80

rand
sprintf_s
srand
?terminate@@YAXXZ
_encode_pointer
_malloc_crt
memcpy
_encoded_null
_decode_pointer
_initterm
_initterm_e
strcpy_s
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_access
_time32
__RTDynamicCast
_amsg_exit
??2@YAPAXI@Z
_CxxThrowException
memset
__CxxFrameHandler3
??_U@YAPAXI@Z
??_V@YAXPAX@Z
??3@YAXPAX@Z
toupper
strncpy_s
_splitpath_s
_mbsicmp
free

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

CreatePlugIn

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3b44e3a5d837baa9f135bb63cfe6de5

Headers

File Characteristics

Imports

kernel32

msvcr80

msvcp80

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 101KB - Virtual size: 100KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 101KB - Virtual size: 100KB

.reloc
Size: 1KB - Virtual size: 1KB