1ced2c8d98ae5d63e0686e13ae94cb8e2af03819dc0f9333b6028cd2e10d5f78

Sharing

Copy URL Twitter E-mail

General

Target

1ced2c8d98ae5d63e0686e13ae94cb8e2af03819dc0f9333b6028cd2e10d5f78
Size

752KB
MD5

011ac7c3981a79ec5372627c146bee70
SHA1

9eff80a07177df00467f1420efb7d62da12b768d
SHA256

1ced2c8d98ae5d63e0686e13ae94cb8e2af03819dc0f9333b6028cd2e10d5f78
SHA512

41bbaf5b6aff24f61ddef1aff18fc3f4d679b10a25a7795db4bd465c9a1237b654af0669dbfe81b20110e72715d50ee29cd4dd4f5c1a6d371a2949c7f4fc5d7c
SSDEEP

12288:ti0oT7vsqcTjVZAtG6F0fUL+gA3JBIMTinmMP7yiQ:ti0o3vsqcXVZ0GW0fUiPbIlnmMP7yiQ

Score

N/A

Malware Config

Signatures

Files

1ced2c8d98ae5d63e0686e13ae94cb8e2af03819dc0f9333b6028cd2e10d5f78
.dll windows x86

de056379a5eac588d9ab175d343af2cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
WaitForMultipleObjects
VirtualAlloc
VirtualFree
WaitForSingleObject
CloseHandle
CreateEventA
SetEvent
ResetEvent
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSection
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CompareFileTime
SetLastError
SetFileAttributesA
DeleteFileA
GetTempPathA
GetTempFileNameA
CreateFileA
ReadFile
WriteFile
GetSystemInfo
GetProcAddress
GetModuleHandleA
DosDateTimeToFileTime
FileTimeToDosDateTime
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InterlockedIncrement
RtlUnwind
RaiseException
HeapAlloc
HeapFree
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetCommandLineA
GetVersion
TlsAlloc
TlsFree
ExitProcess
SetUnhandledExceptionFilter
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
InterlockedDecrement

user32

CharPrevA
CharNextA
CharLowerW
CharLowerA
CharUpperW
CharUpperA
CharPrevExA

oleaut32

VariantCopy
SysFreeString
VariantClear
SysAllocString
SysAllocStringByteLen

Exports

Exports

CreateObject
GetHandlerProperty
GetHandlerProperty2
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode

Sections

.text
Size: 492KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de056379a5eac588d9ab175d343af2cd

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 492KB - Virtual size: 492KB

.rdata Size: 67KB - Virtual size: 67KB

.data Size: 29KB - Virtual size: 43KB

.rsrc Size: 77KB - Virtual size: 77KB

.reloc Size: 28KB - Virtual size: 28KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 492KB - Virtual size: 492KB

.rdata
Size: 67KB - Virtual size: 67KB

.data
Size: 29KB - Virtual size: 43KB

.rsrc
Size: 77KB - Virtual size: 77KB

.reloc
Size: 28KB - Virtual size: 28KB

.rmnet
Size: 56KB - Virtual size: 60KB