1ea24e1aac0b2c0ecff45c0afb36499ab5425754bb12fc842b32527305af8495

General

Target

1ea24e1aac0b2c0ecff45c0afb36499ab5425754bb12fc842b32527305af8495
Size

176KB
MD5

0bd5d3b38ef4d2f639e93dd353f1c700
SHA1

da6b997e48346a3f784f5ad41527e7316d41ca41
SHA256

1ea24e1aac0b2c0ecff45c0afb36499ab5425754bb12fc842b32527305af8495
SHA512

ca24b68ad91776da967fa1900be421543c9e2fddfafe328cc013acc10fe1ecd60cb1cc784247c3f21e454af73543b622d7e7944e13af50b8cfb6faf0d4e2e1fb
SSDEEP

3072:5uLTtYMJTeeBNLMt5maItRQc59vAivv4EGsLIIx9+:6pfL2r8n5hPJLz+

Score

N/A

Malware Config

Signatures

Files

1ea24e1aac0b2c0ecff45c0afb36499ab5425754bb12fc842b32527305af8495
.dll windows x86

74f4986fa2678cc55102dafa621f49b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetLastError
HeapReAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
RaiseException
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
InitializeCriticalSection
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

?getNxExtension@@YAPAVNxExtension@@W4NxExtensionType@@@Z
?releaseNxExtension@@YAXPAVNxExtension@@@Z

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74f4986fa2678cc55102dafa621f49b7

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 8KB - Virtual size: 5KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 8KB - Virtual size: 5KB

.rmnet
Size: 60KB - Virtual size: 60KB