ae50026d8ccb0c9a54d27e231932b6b685214b7dcc6ec2ae6dfbb348fd41e2ac

General

Target

ae50026d8ccb0c9a54d27e231932b6b685214b7dcc6ec2ae6dfbb348fd41e2ac
Size

118KB
MD5

9274ce615bfd7d47ffa007c931ce31f4
SHA1

f78de2b56f97a93e8056d19f7eaacac62bb6368b
SHA256

ae50026d8ccb0c9a54d27e231932b6b685214b7dcc6ec2ae6dfbb348fd41e2ac
SHA512

91aa4a8a6d7e7ba6eaee00726c5aa48abfb0befb308e8ca7262aedfb6f72a0249a4582474d85be26031c68b621424f9d58189784c69adce0e540bd0f5ee1a2e0
SSDEEP

3072:D2C5J9bY5NXEnVXhUWNN0lmmHOB2OtS2:vVY/pWNN0lmmuB3tS2

Score

N/A

Malware Config

Signatures

Files

ae50026d8ccb0c9a54d27e231932b6b685214b7dcc6ec2ae6dfbb348fd41e2ac
.dll windows x86

9a0a13edd732e583506aec6bace5f5c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
DisableThreadLibraryCalls
EnumResourceLanguagesW
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetVersion
HeapAlloc
LoadResource
MultiByteToWideChar
ReadFile
SetLastError
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
lstrcpynA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ntdll

RtlFreeUnicodeString
RtlInitString
RtlInitUnicodeString
RtlLeaveCriticalSection
RtlNtStatusToDosError
RtlUnlockHeap
swprintf
wcsncpy
RtlEnterCriticalSection
RtlFreeSid

rpcrt4

I_UuidCreate
NdrFullPointerQueryPointer
NdrMesTypeAlignSize
NdrNonConformantStringBufferSize
I_RpcTransDatagramFree
NdrServerContextNewUnmarshall
NdrServerInitializeMarshall
NdrVaryingArrayUnmarshall
RpcServerRegisterIfEx
RpcServerTestCancel
RpcServerUseProtseqEpA
char_from_ndr
I_RpcTransDatagramAllocate2
NdrOleAllocate

crtdll

fseek
fputs
cos
_seterrormode
_memicmp

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a0a13edd732e583506aec6bace5f5c7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

version

ntdll

rpcrt4

crtdll

Sections

.text Size: 25KB - Virtual size: 24KB

.data Size: 72KB - Virtual size: 111KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 25KB - Virtual size: 24KB

.data
Size: 72KB - Virtual size: 111KB

.rsrc
Size: 20KB - Virtual size: 19KB