79358dc6630edf7396c348b30d057daac86979df41fd8d80eb216308b973f533

General

Target

79358dc6630edf7396c348b30d057daac86979df41fd8d80eb216308b973f533
Size

243KB
MD5

a16ebb1ec7845e865f8b5b379a345b97
SHA1

87a26e0ed38a1ee2642d813e0efc31655a6c99bf
SHA256

79358dc6630edf7396c348b30d057daac86979df41fd8d80eb216308b973f533
SHA512

4b20d96c3ec389648e5933b626bd5522573a8703ef6161db76a2e217f5827c2e439b8ec1315d487ba327b8896b09afbf0c136b35cf7774d23e01a07503fb97c0
SSDEEP

6144:yAEtWt+g0QPekyswLCwuSr08hKZFXZoMq3+:ydAh0igTx9nXMO+

Score

N/A

Malware Config

Signatures

Files

79358dc6630edf7396c348b30d057daac86979df41fd8d80eb216308b973f533
.dll windows x86

b0b3bc565803a66d599a385ea3167976

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetVersion
ExitProcess
VirtualAlloc
HeapAlloc
LoadLibraryA
WriteFile
WideCharToMultiByte
HeapFree
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetCPInfo
GetModuleFileNameA
GetACP
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
HeapCreate
GetCommandLineA
GetProcAddress
lstrcpyA
SetHandleCount
TerminateProcess
GetCurrentProcess
HeapDestroy

ltkrn13n

ord163
ord108
ord192
ord174
ord124
ord137
ord151
ord179
ord112
ord100
ord134
ord101
ord189
ord141
ord125
ord283
ord282
ord129
ord190
ord188
ord191

Exports

Exports

DllMain
fltDeletePage
fltFreeData
fltGetStamp
fltInfo
fltLoad
fltSave

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 838B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 206KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b0b3bc565803a66d599a385ea3167976

Headers

File Characteristics

Imports

kernel32

ltkrn13n

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.idata Size: 1024B - Virtual size: 996B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 838B

.text Size: 206KB - Virtual size: 208KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 1024B - Virtual size: 996B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 838B

.text
Size: 206KB - Virtual size: 208KB