f1df765c4fd0ff574017f4889e9c3f99f7bb58b88a95930b5153ea7550e49086

Sharing

Copy URL

Twitter E-mail

General

Target

f1df765c4fd0ff574017f4889e9c3f99f7bb58b88a95930b5153ea7550e49086
Size

296KB
MD5

8495aceffc1a27ddf2a93e38dc18963a
SHA1

a713a7dd3402e06f2e5b1c9919a504d428e853ad
SHA256

f1df765c4fd0ff574017f4889e9c3f99f7bb58b88a95930b5153ea7550e49086
SHA512

6f1f4804a603655ef6339aaabf84acaed9864e458a0458b56486444e18965d253815dfa156469a0f2948fb41606e9befc764e6707bd5412cc10f07b1d5823050
SSDEEP

6144:gkPHeGujDZoCavbCEFlZS+y11ti89nZEJ3GDDE:gc+Guj9o3CEFLS3PBZEJ3GDQ

Score

N/A

Malware Config

Signatures

Files

f1df765c4fd0ff574017f4889e9c3f99f7bb58b88a95930b5153ea7550e49086
.dll windows x86

6d74cf71e765165a000a156010408fcd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
TlsSetValue
TlsAlloc
TlsFree
lstrcpyA
GetProcAddress
LoadLibraryA
SetErrorMode
GetModuleFileNameA
FreeLibrary
TerminateProcess
GetCurrentProcess
SetFilePointer
SetStdHandle
GetLocaleInfoW
GetLocaleInfoA
CloseHandle
FlushFileBuffers
RaiseException
GetStringTypeA
GetStringTypeW
VirtualAlloc
HeapFree
LCMapStringA
WriteFile
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLastError
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetCommandLineA
GetModuleHandleA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
TlsGetValue
LeaveCriticalSection
ExitProcess
HeapAlloc
GetFileType
WideCharToMultiByte
GetCurrentThreadId
SetLastError
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetACP
GetStdHandle
GetStartupInfoA
GetCPInfo
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings

user32

SetRect

ltkrn11n

ord192
ord135
ord215
ord146
ord129
ord189
ord137
ord196
ord101
ord163
ord134
ord125
ord100
ord141
ord194
ord188
ord191
ord190
ord175
ord179
ord174

lffax11n

ord202
ord203
ord201

Exports

Exports

DllMain
fltComment
fltDeletePage
fltGetStamp
fltGetTag
fltInfo
fltLoad
fltSave
fltSaveData
fltSetComment
fltSetTag
fltStartSaveData
fltStopSaveData

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 147KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6d74cf71e765165a000a156010408fcd

Headers

File Characteristics

Imports

kernel32

user32

ltkrn11n

lffax11n

Exports

Exports

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 25KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.text Size: 147KB - Virtual size: 148KB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 25KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 147KB - Virtual size: 148KB