b4f18964a876e925887b4b97941816de436df818016fa940a717d835bdbcaa2a

Sharing

Copy URL Twitter E-mail

General

Target

b4f18964a876e925887b4b97941816de436df818016fa940a717d835bdbcaa2a
Size

612KB
MD5

83859ce7d46f95bc0f91ed6220552353
SHA1

ff91f2026852bd1a1c7aed7650c41041a3284782
SHA256

b4f18964a876e925887b4b97941816de436df818016fa940a717d835bdbcaa2a
SHA512

67977a054bbb162330543d8a86093b24fab5c80b7b780ac24e2fb189cd37a8311cc9f9f55f104f2a149b16a83d5140c3f725856ac9bdfcb45d23460c55d35316
SSDEEP

12288:ayCl8+gRNoPh6zejFocQNZTOnJoopoo1gfBd:D+gRNo4qTasJoopoo1C/

Score

N/A

Malware Config

Signatures

Files

b4f18964a876e925887b4b97941816de436df818016fa940a717d835bdbcaa2a
.dll windows x86

2f625c63eeb8b334117cbad512b36a8a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
GetSystemDirectoryA
FindClose
FindFirstFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
MultiByteToWideChar
GetACP
IsValidCodePage
GetVersionExA
CreateThread
CloseHandle
TerminateThread
CreateEventA
SetEvent
WaitForSingleObject
WaitForMultipleObjects
GetSystemInfo
GetLastError
RtlUnwind
RaiseException
IsBadReadPtr
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
DeleteFileA
MoveFileA
InterlockedDecrement
InterlockedIncrement
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
GetProfileStringA
GetFileAttributesA
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetFilePointer
ReadFile
LCMapStringA
LCMapStringW
IsBadCodePtr
GetCPInfo
GetOEMCP
CreateFileA
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSection
GlobalMemoryStatus
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
EnterCriticalSection
TlsGetValue
LeaveCriticalSection

user32

LoadStringA
wsprintfA

gdi32

GetICMProfileA
DeleteDC
CreateDCA

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegEnumValueA
RegQueryInfoKeyA
RegQueryValueExA

ole32

CoCreateInstance

Exports

Exports

ACEGetVersion
ACEHasFeature
ACEInitDelayed
ACEInitialize
ACETerminate

Sections

.text
Size: 368KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f625c63eeb8b334117cbad512b36a8a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 368KB - Virtual size: 366KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 32KB - Virtual size: 44KB

.rsrc Size: 4KB - Virtual size: 968B

.reloc Size: 28KB - Virtual size: 25KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 368KB - Virtual size: 366KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 32KB - Virtual size: 44KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 28KB - Virtual size: 25KB

.rmnet
Size: 60KB - Virtual size: 60KB