dbfc132d141673ac256829640f5b6b3be18db00b3fef68e8300099526456f750

General

Target

dbfc132d141673ac256829640f5b6b3be18db00b3fef68e8300099526456f750
Size

56KB
MD5

81a883f96dccc53284d04abe39062868
SHA1

ac3aee937cdf1586524386fd1602a93dd8835baa
SHA256

dbfc132d141673ac256829640f5b6b3be18db00b3fef68e8300099526456f750
SHA512

3e91289907efe3918bca3dbf6b8cfa32a22c82557da3d461109c68977c5517eab74555cfc00394a7874240145750c15243a7d5aa85f1ad0283c5ec3f48c3db47
SSDEEP

1536:yVIzu/q4KjQ/gFlSHL2ncaYqhDhNaem1v0aqo:Kt/pj/GUL233FBxaq

Score

N/A

Malware Config

Signatures

Files

dbfc132d141673ac256829640f5b6b3be18db00b3fef68e8300099526456f750
.dll windows x86

80e9c4e974faaec0044eda3125fbedb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
GetSystemTimes
CreateDirectoryW
LocalFree
CloseHandle
GetFileAttributesExW
GetVolumeInformationW
DeleteTimerQueueTimer
CreateTimerQueueTimer
GetLastError
InitializeCriticalSection
InterlockedIncrement
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
ReadFile
GetOverlappedResult
GetCommandLineA
VirtualProtect
VirtualFree
GetSystemInfo
VirtualAlloc

advapi32

SetEntriesInAclW
GetTokenInformation
OpenProcessToken
CreateWellKnownSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

msvcr71

_except_handler3
memcpy
strchr
wcschr
_stricmp
_unlock
_adjust_fdiv
_XcptFilter
malloc
free
_initterm
__CppXcptFilter
__dllonexit
_onexit

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80e9c4e974faaec0044eda3125fbedb4

Headers

File Characteristics

Imports

kernel32

advapi32

msvcr71

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 34KB - Virtual size: 68KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 34KB - Virtual size: 68KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB