63b41d1742677d9a2e09cd841d28285790a3c46eca9d7fb24bbb074a11deb971

Sharing

Copy URL Twitter E-mail

General

Target

63b41d1742677d9a2e09cd841d28285790a3c46eca9d7fb24bbb074a11deb971
Size

319KB
MD5

a2b69933b3840ee61226ce92711deee7
SHA1

741b2d4b61d560db11d2096b6d70b1580930b927
SHA256

63b41d1742677d9a2e09cd841d28285790a3c46eca9d7fb24bbb074a11deb971
SHA512

c83cf537c34d8eeeb5ab8cf41f732a95ab2af99b958b8c8a335dc81d7548bcd55b7ebce032d00b0006f862578969d2650ad21994b20a310e8b57a5f3f552b45f
SSDEEP

3072:3kV6nbLMEch8P30yQIJiP/oq7sXgBKqpcdidX584Iz+7FT2ffCbP8BbDNc7:oh8P3e3/oq7UiLhtUfoUBHNo

Score

N/A

Malware Config

Signatures

Files

63b41d1742677d9a2e09cd841d28285790a3c46eca9d7fb24bbb074a11deb971
.dll windows x86

6c1eb6418a13026d3b004be698ce2663

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
GetLastError
HeapSize
lstrlenA
SystemTimeToTzSpecificLocalTime
WideCharToMultiByte
FormatMessageW
GetTimeZoneInformation
lstrcmpW
MultiByteToWideChar
lstrlenW
LocalFree
GetSystemTime
GetEnvironmentVariableW
CreateProcessW
WaitForSingleObject
WriteFile
GetVersionExW
GetExitCodeProcess
TerminateProcess
CreateFileW
SetLastError
DeviceIoControl
CreatePipe
CloseHandle
GetCurrentThreadId
GetCommandLineA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
GetStringTypeA
GetStringTypeW
FatalAppExitA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetFilePointer
GetConsoleCP
GetConsoleMode
RtlUnwind
VirtualAlloc
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetLocaleInfoW
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

FormatDrive
SetActivePartition

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c1eb6418a13026d3b004be698ce2663

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 196KB - Virtual size: 202KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 196KB - Virtual size: 202KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 4KB - Virtual size: 4KB