e1db73d37eab605eb138c1db4a726aa176e9df445d9a7c7a9baaf19bc652dcff

Sharing

Copy URL Twitter E-mail

General

Target

e1db73d37eab605eb138c1db4a726aa176e9df445d9a7c7a9baaf19bc652dcff
Size

224KB
MD5

00b5b79f73f660cba1ac0c557892e3b0
SHA1

03b6f062b18e5b97dee66b23b6bb8adef896021b
SHA256

e1db73d37eab605eb138c1db4a726aa176e9df445d9a7c7a9baaf19bc652dcff
SHA512

5f887ad62a7f14836befde3eeb3e2474ba3030027bffbe420d5f27bde7018076b0bfa4698eb9df2ac644850d83bd12a260457198d7a4c5b8f850936b3780be16
SSDEEP

3072:Q8hLI0FpkquF/dUVvO0sqJ+vibsIyPz7yaRJNuuDrmYpvUsvEz:nUYpkd1yp+vqsIkz7RlHFp1vE

Score

N/A

Malware Config

Signatures

Files

e1db73d37eab605eb138c1db4a726aa176e9df445d9a7c7a9baaf19bc652dcff
.dll windows x86

dd8ba451adc29c6b21b8f8a2d4af29a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
InterlockedCompareExchange
GetTickCount
Sleep
CreateFileA
WriteFile
FileTimeToSystemTime
FindFirstFileA
GetLocalTime
FindNextFileA
GetCurrentThreadId
OutputDebugStringA
CloseHandle
DeleteFileA
SetEvent
CreateEventA
GetLastError
TerminateThread
CreateThread
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
WaitForSingleObject
CreateEventW
WaitForMultipleObjects
SignalObjectAndWait
ResetEvent
InterlockedExchangeAdd
CreateMutexA
ReleaseMutex
VirtualQuery
GetModuleFileNameA
SetEndOfFile
ReadFile
GetModuleHandleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineA
RaiseException
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
GetStdHandle
WideCharToMultiByte
GetTimeZoneInformation
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
HeapSize
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetProcessHeap

ole32

CoInitialize
CoUninitialize
CoCreateGuid

shlwapi

PathIsDirectoryA

Exports

Exports

GDP_manager
destroy

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd8ba451adc29c6b21b8f8a2d4af29a5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 9KB - Virtual size: 22KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 9KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 9KB - Virtual size: 22KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 9KB

.rmnet
Size: 56KB - Virtual size: 60KB