c0f817898d4d9c33449f7f785223cd6109dfd41d390c23776408c391d039e8e1

General

Target

c0f817898d4d9c33449f7f785223cd6109dfd41d390c23776408c391d039e8e1
Size

407KB
MD5

9633c938a19f4f36955dcace3a9a8670
SHA1

a9af84621dbba4226e3508393aa2298d7eb4464f
SHA256

c0f817898d4d9c33449f7f785223cd6109dfd41d390c23776408c391d039e8e1
SHA512

fdef9daf9f1bf03022f7099750b2a6d77cf5086833f27a6cf64d903fc595ba98037b5be2b68ce0e193d26806c11950ad301ef053fc13bf1ee73b79874669f246
SSDEEP

12288:XnIO39YAeNLFjAYarEdrEb5P6VxY54+H792:XIsJeNhaodobEV+HY

Score

N/A

Malware Config

Signatures

Files

c0f817898d4d9c33449f7f785223cd6109dfd41d390c23776408c391d039e8e1
.exe windows x86

46337557842a2a62735bb11eb096b204

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryW
LoadLibraryExW
GetSystemDirectoryW
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleW
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
VirtualProtect
IsDebuggerPresent

msvcr80

_crt_debugger_hook
__set_app_type
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_unlock

Exports

Exports

DllGetLCID
wdCommandDispatch
wdGetApplicationObject

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.ddata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

46337557842a2a62735bb11eb096b204

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcr80

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 900B

.rsrc Size: 325KB - Virtual size: 325KB

.reloc Size: 512B - Virtual size: 372B

.ddata Size: 68KB - Virtual size: 68KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 900B

.rsrc
Size: 325KB - Virtual size: 325KB

.reloc
Size: 512B - Virtual size: 372B

.ddata
Size: 68KB - Virtual size: 68KB