b3e801a2969da5ea094c7da9b0671b62be3162db7351796089c4153f1a80c303

Sharing

Copy URL Twitter E-mail

General

Target

b3e801a2969da5ea094c7da9b0671b62be3162db7351796089c4153f1a80c303
Size

300KB
MD5

84b5da5bb0f1714e77ee44fb01d15760
SHA1

4205b28ac7be64d59d919c75b80dd707b54f9a0a
SHA256

b3e801a2969da5ea094c7da9b0671b62be3162db7351796089c4153f1a80c303
SHA512

4388fa93d44bb776c0b9c07c43cc794dfedb6716202a360a76b59754ddfb0851ee2a479314833c840d472866f7d5efacddb4c865cd43f43b2c0502e56e225cf9
SSDEEP

6144:6Fc+vJ7S7mZZZi5/mHC1/JBtE+POd+02XYnQhQcUWRpLT:AcmkL3LC+0jnQhSWRpLT

Score

N/A

Malware Config

Signatures

Files

b3e801a2969da5ea094c7da9b0671b62be3162db7351796089c4153f1a80c303
.dll windows x86

62dd301bf807aef9487e70169d30b5cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetSystemInfo
lstrlenW
SetEndOfFile
WriteFile
SetFilePointerEx
ReadFile
GlobalUnlock
HeapFree
HeapAlloc
HeapReAlloc
GetProcessHeap
GlobalFree
RaiseException
GlobalAlloc
GetVersionExW
SleepEx
MulDiv
TerminateThread
DebugBreak
IsDebuggerPresent
GetStartupInfoW
GetTickCount
HeapSetInformation
DeleteCriticalSection
GetLastError
SetLastError
LocalFree
lstrcmpW
LeaveCriticalSection
DisableThreadLibraryCalls
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingW
CreateFileW
SizeofResource
LockResource
LoadResource
FindResourceW
GetLocalTime
GetModuleFileNameW
Sleep
OutputDebugStringA
RtlUnwind
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetFilePointer
FlushFileBuffers
lstrcpynW
GetDiskFreeSpaceA
lstrcmpiW
WideCharToMultiByte
EnterCriticalSection
InitializeCriticalSectionAndSpinCount

user32

IsRectEmpty
ReleaseDC
EqualRect
GetClassInfoExW

advapi32

RegQueryValueExW
RegEnumKeyExW
RegEnumValueW

ole32

PropVariantCopy
CoInitializeEx
CoUninitialize
CLSIDFromString
CoTaskMemAlloc
PropVariantClear
StringFromGUID2
CoLockObjectExternal
CoTaskMemFree

msvcrt

fseek
memcpy
ungetc
wcstombs
wctomb
localeconv
isdigit
strstr
realloc
free
wcsstr
calloc
strncmp
wcschr
fclose
exit
ftell
fread
malloc
memmove
memset

rpcrt4

RpcRaiseException

Exports

Exports

InstalledInitializationMSMQCluster
IsFresh

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata3
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62dd301bf807aef9487e70169d30b5cc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

rpcrt4

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 18KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 169KB

.fdata3 Size: 12KB - Virtual size: 9KB

.rsrc Size: 228KB - Virtual size: 227KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 18KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 169KB

.fdata3
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 228KB - Virtual size: 227KB

.reloc
Size: 4KB - Virtual size: 1KB