58344e112c045f399b1f911ead1b3db449ea0c653542b855bb20367d084b877e

Sharing

Copy URL Twitter E-mail

General

Target

58344e112c045f399b1f911ead1b3db449ea0c653542b855bb20367d084b877e
Size

269KB
MD5

c2e1ef72436a9bb669c19ff518df561d
SHA1

f0e51d79bf289b7f57234be6d3c406f19d80d976
SHA256

58344e112c045f399b1f911ead1b3db449ea0c653542b855bb20367d084b877e
SHA512

2b3d9902e5cc5f2207098bcf2c4485837cb3378e9dc78961a472756e6c64fc67c8dc759e543a488dd9cc26e3cf9a4980f2d79b01b69c7d5735d232672115aa7d
SSDEEP

6144:8wMagT4bnnewHWK2ZDNXeDevXgh+JWwDWvU:8wUT4neRZDGePsEnWvU

Score

N/A

Malware Config

Signatures

Files

58344e112c045f399b1f911ead1b3db449ea0c653542b855bb20367d084b877e
.dll windows x86

adf858553ba3765545e44b8ebdb0b4af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
FreeLibrary
LoadLibraryA
DeleteFileA
GetTempFileNameA
GetTempPathA
LCMapStringW
TlsFree
SetLastError
SetEndOfFile
GetLocaleInfoW
CreateFileA
GetLocaleInfoA
SetStdHandle
IsBadCodePtr
FlushFileBuffers
IsBadReadPtr
SetUnhandledExceptionFilter
HeapAlloc
HeapFree
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
GetCommandLineA
GetModuleHandleA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
GetWindowsDirectoryA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetModuleFileNameA
IsBadWritePtr
TlsGetValue
GetLastError
RaiseException
SetFilePointer
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
ReadFile
HeapSize
CloseHandle
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WriteFile
GetStringTypeA
GetStringTypeW

gdi32

CreatePalette
DeleteObject

ltkrn13n

ord285
ord274
ord271
ord192
ord272
ord157
ord283
ord282
ord284
ord188
ord196
ord189
ord190
ord273
ord191

Exports

Exports

DllMain
fltDeletePage
fltInfo
fltLoad
fltSave

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adf858553ba3765545e44b8ebdb0b4af

Headers

File Characteristics

Imports

kernel32

gdi32

ltkrn13n

Exports

Exports

Sections

.text Size: 135KB - Virtual size: 135KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 21KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 98KB - Virtual size: 97KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 135KB - Virtual size: 135KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 21KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 98KB - Virtual size: 97KB

.reloc
Size: 7KB - Virtual size: 7KB