b0b44610660cd2be053b04f8cd481876130d3bd3599379ec987179eceb3b8d4b

Sharing

Copy URL Twitter E-mail

General

Target

b0b44610660cd2be053b04f8cd481876130d3bd3599379ec987179eceb3b8d4b
Size

404KB
MD5

804629fd31a45535e6dc86fedd1d9c2e
SHA1

865d3c66a3a0b12ff6fee582566a8dcd80edf47a
SHA256

b0b44610660cd2be053b04f8cd481876130d3bd3599379ec987179eceb3b8d4b
SHA512

c19041bec40cc68aeef753e06b057fb93d19c170e67808cf52c3bb439d8fe0be2e8516ac990fc04630c9b7f821096b780b2f2d8d222fef4abfd74bf7b27fbe0e
SSDEEP

6144:zAqc974tmjcbv3GbKQQAObzfsDhzLw1I/u1tHxgIh5nQCrOOOkoM:KBiWyGboZTK5U1Im3pHQCaOOfM

Score

N/A

Malware Config

Signatures

Files

b0b44610660cd2be053b04f8cd481876130d3bd3599379ec987179eceb3b8d4b
.dll windows x86

999b31f9d351577e2105be9143adbea5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
VirtualQuery
HeapAlloc
GetProcessHeap
CloseHandle
FlushFileBuffers
GetSystemInfo
VirtualAlloc
VirtualProtect
GetStringTypeW
GetStringTypeA
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetCurrentThreadId
GetCommandLineA
GetVersionExA
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange
RaiseException
SetFilePointer
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetStdHandle
GetLocaleInfoA

tier0

Warning
GetCPUInformation
g_pMemAlloc

vstdlib

GetCVarIF
Q_snprintf

Exports

Exports

CreateInterface
_ftol3

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

999b31f9d351577e2105be9143adbea5

Headers

File Characteristics

Imports

kernel32

tier0

vstdlib

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 125KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 16KB - Virtual size: 56KB

.reloc Size: 20KB - Virtual size: 18KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 128KB - Virtual size: 125KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 16KB - Virtual size: 56KB

.reloc
Size: 20KB - Virtual size: 18KB

.text
Size: 196KB - Virtual size: 196KB