128aca58be325174f0220bd7ca6030e4e206b4378796e82da460055733bb6f4f_unpacked_x64

Sharing

Copy URL Twitter E-mail

General

Target

128aca58be325174f0220bd7ca6030e4e206b4378796e82da460055733bb6f4f_unpacked_x64
Size

79KB
MD5

52dda1e6ac12c24f2997cf05e0ea42c9
SHA1

82691bf5d8ca1c760e0dbc67c99f89ecd890de08
SHA256

128aca58be325174f0220bd7ca6030e4e206b4378796e82da460055733bb6f4f
SHA512

a076a826ceed99a708f4fa5465486a433bab5fb0bef05885189471fe00ebfb2eb395d6d2e89d2f55aa82e023b941b758f23b7ac6c1ccf5cdf08664f01f5a5bdb
SSDEEP

1536:uOootnqoooooooooooeooooooooooooooooooooooooExqJUcQPAbhyZxxG44ANN:tootnqoooooooooooeooooooooooooo5

Score

N/A

Malware Config

Signatures

Files

128aca58be325174f0220bd7ca6030e4e206b4378796e82da460055733bb6f4f_unpacked_x64
.dll windows x64

648cce701d85366b3ecac853d4701a73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

memmove
memset
memcpy
_onexit
_lock
__dllonexit
??1type_info@@UEAA@XZ
__C_specific_handler
_amsg_exit
_initterm
_XcptFilter
_callnewh
_CxxThrowException
??0exception@@QEAA@AEBQEBDH@Z
_errno
__CxxFrameHandler
realloc
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
??0exception@@QEAA@XZ
wcschr
_unlock
free
malloc
_purecall
memcmp

kernel32

GetModuleHandleA
LoadLibraryA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
OutputDebugStringA
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
Sleep
VirtualProtect
lstrlenW
CreateFileW
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetSystemDirectoryW
FreeLibrary
SetLastError
CloseHandle
GetCurrentProcess
DuplicateHandle
GetLastError
DeviceIoControl
LocalAlloc

user32

CharUpperBuffW
wvsprintfW

ntdll

RtlCompareUnicodeString
RtlInitUnicodeString
RtlCopyUnicodeString

Exports

Exports

GetFactory
GetObjectCount

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

648cce701d85366b3ecac853d4701a73

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

ntdll

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 70KB

.data Size: 1KB - Virtual size: 3KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 944B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 70KB - Virtual size: 70KB

.data
Size: 1KB - Virtual size: 3KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 944B

.reloc
Size: 1KB - Virtual size: 1KB