5d36f2209086f86edaab71704c548631b05a2f07ef5f4a850d61f04aa2ebe28f

Sharing

Copy URL Twitter E-mail

General

Target

5d36f2209086f86edaab71704c548631b05a2f07ef5f4a850d61f04aa2ebe28f
Size

402KB
MD5

80260799a2b55f55b27c2aa54bb2a800
SHA1

32373b3e94ab5703d5fb3410a1b5e8f13fde8f93
SHA256

5d36f2209086f86edaab71704c548631b05a2f07ef5f4a850d61f04aa2ebe28f
SHA512

635e56a612d477c06d49a44648d85b93873c3a4ec03fad57801d9a7a0b5a77d01e4a392213e02aa95c11b5f7f524f563d7d43316fee7d6268a65623dab3112cc
SSDEEP

6144:0MOMb19QVgBw5e3WE303RxTW1csI8cFEEcK4+le9IDMujJ:+m1WVgBwcOWSNGs247jJ

Score

N/A

Malware Config

Signatures

Files

5d36f2209086f86edaab71704c548631b05a2f07ef5f4a850d61f04aa2ebe28f
.dll windows x86

3859dce243800a73a759f93ee6f03bf9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

GetConsoleMode
PeekNamedPipe
GetCurrentProcess
WaitForSingleObject
GetTickCount
WriteFile
InitializeCriticalSection
LeaveCriticalSection
ReadFile
CreateFileW
GetOverlappedResult
GetLastError
EnterCriticalSection
ResetEvent
CreateEventW
WaitForMultipleObjects
CancelIo
SetFilePointerEx
OpenEventW
DeleteCriticalSection
CloseHandle
GetProcAddress
LoadLibraryA
OpenThread
FreeLibrary
SleepEx
GetModuleHandleW
LoadLibraryW
GetMailslotInfo
GetModuleFileNameW
DisableThreadLibraryCalls
GetFileType
GetModuleFileNameA
CreateThread
SetStdHandle
FindNextFileW
DecodePointer
GetConsoleCP
FlushFileBuffers
GetStringTypeW
InterlockedIncrement
InterlockedDecrement
Sleep
EncodePointer
WriteConsoleW
RaiseException
GetCommandLineA
GetCurrentThreadId
RtlUnwind
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
HeapSize
GetStdHandle
HeapFree
HeapAlloc
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
LoadLibraryExW
HeapReAlloc
OutputDebugStringW
LCMapStringW

advapi32

RegQueryValueExA
RegOpenKeyExA

ole32

StringFromIID
CoTaskMemFree

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3859dce243800a73a759f93ee6f03bf9

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

advapi32

ole32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 23KB - Virtual size: 23KB

.text Size: 108KB - Virtual size: 108KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 23KB - Virtual size: 23KB

.text
Size: 108KB - Virtual size: 108KB

.text
Size: 108KB - Virtual size: 108KB