62bfaf7e0afbad8a6c2e6da50e86842ff290ca07b365ade6d00050c5fb2fc3a6

Sharing

Copy URL Twitter E-mail

General

Target

62bfaf7e0afbad8a6c2e6da50e86842ff290ca07b365ade6d00050c5fb2fc3a6
Size

299KB
MD5

91a8c94fb64ce76a45e9917dd59cc240
SHA1

b520b4c3fc47831ec84cb09d5ea2d018940a4e7a
SHA256

62bfaf7e0afbad8a6c2e6da50e86842ff290ca07b365ade6d00050c5fb2fc3a6
SHA512

3707b253763ec13df3eccf6feae6808baec60cf0c1cd296a72ba0049eb530068d4676d7f90775f9c84e0d710ca5b1f9fbe84faf2c508ef2880baade16c00d2bc
SSDEEP

3072:EWhsS9upKB6ELFrzNjW0tPdC2Ag0FulBNyBNvAg0Fu387zDjiaw4l9Sdyqij2ndQ:a0uj0JzNjWUC2AOLUxAOkjw6S9i6nqQ8

Score

N/A

Malware Config

Signatures

Files

62bfaf7e0afbad8a6c2e6da50e86842ff290ca07b365ade6d00050c5fb2fc3a6
.dll windows x86

09349f1b74bec6009cb1825f7fa64855

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

tier0

GetCPUInformation
Error
Msg
Warning
g_pMemAlloc
AssertValidStringPtr
g_Telemetry
_AssertValidWritePtr
_AssertValidReadPtr

vstdlib

RandomFloat
KeyValuesSystem

kernel32

GetFileType
FlushFileBuffers
CreateFileW
ReadFile
WriteConsoleW
SetStdHandle
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetProcAddress
GetCurrentProcessId
CloseHandle
DecodePointer
EncodePointer
GetCommandLineA
GetLastError
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameW
ExitProcess
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RaiseException
LCMapStringW
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
GetConsoleCP
GetConsoleMode
RtlUnwind
LoadLibraryW

Exports

Exports

CreateInterface

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

09349f1b74bec6009cb1825f7fa64855

Headers

DLL Characteristics

File Characteristics

Imports

tier0

vstdlib

kernel32

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 85KB

.rdata Size: 89KB - Virtual size: 88KB

.data Size: 9KB - Virtual size: 117KB

.reloc Size: 13KB - Virtual size: 12KB

.text Size: 102KB - Virtual size: 104KB

.text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 89KB - Virtual size: 88KB

.data
Size: 9KB - Virtual size: 117KB

.reloc
Size: 13KB - Virtual size: 12KB

.text
Size: 102KB - Virtual size: 104KB