d8f322e722e74538c06560141db355e87d7c97070a708d47b7e8c789cf7eb284

Sharing

Copy URL Twitter E-mail

General

Target

d8f322e722e74538c06560141db355e87d7c97070a708d47b7e8c789cf7eb284
Size

545KB
MD5

0ac14508973d69270768c6af066153f0
SHA1

87e9cd7b812c347230794755e79172058b933335
SHA256

d8f322e722e74538c06560141db355e87d7c97070a708d47b7e8c789cf7eb284
SHA512

d654a645ed18cf8c7c8dcbeee6049dae39c43a87418009e9ace782383e739ec7aedafb71492e6b197df28582846af606c7d24e168f6a36dae821759a1188d440
SSDEEP

12288:unb3mAAtqsb+KXJ+pVG/AsPc4hckRyWuQHhCh4o7HNrYjzQh0QCW:ub3m5tr64MpVgbc4h5yWuO6j7H9Yj

Score

N/A

Malware Config

Signatures

Files

d8f322e722e74538c06560141db355e87d7c97070a708d47b7e8c789cf7eb284
.dll windows x86

9db1f94bf46dc6cfa8c5cf9e38189483

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersion
GetVersionExA
GetVersion
LeaveCriticalSection
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

PostQuitMessage

advapi32

RegQueryValueExA

oleaut32

VariantInit

version

GetFileVersionInfoSizeA

gdi32

PlayEnhMetaFile

ole32

CoCreateInstance

comctl32

ImageList_GetBkColor

wsock32

gethostbyname

winmm

sndPlaySoundA

Exports

Exports

dirret
keyprocxy

Sections

CODE
Size: - Virtual size: 602KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata0
Size: - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata1
Size: 539KB - Virtual size: 539KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9db1f94bf46dc6cfa8c5cf9e38189483

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

version

gdi32

ole32

comctl32

wsock32

winmm

Exports

Exports

Sections

CODE Size: - Virtual size: 602KB

DATA Size: - Virtual size: 7KB

BSS Size: - Virtual size: 3KB

.idata Size: - Virtual size: 9KB

.edata Size: - Virtual size: 92B

.idata0 Size: - Virtual size: 77KB

.idata1 Size: 539KB - Virtual size: 539KB

.reloc Size: 512B - Virtual size: 300B

.rsrc Size: 4KB - Virtual size: 111KB

CODE
Size: - Virtual size: 602KB

DATA
Size: - Virtual size: 7KB

BSS
Size: - Virtual size: 3KB

.idata
Size: - Virtual size: 9KB

.edata
Size: - Virtual size: 92B

.idata0
Size: - Virtual size: 77KB

.idata1
Size: 539KB - Virtual size: 539KB

.reloc
Size: 512B - Virtual size: 300B

.rsrc
Size: 4KB - Virtual size: 111KB