62f55fe70d1d309090e6a33e00527aed67aa795b12f90452eac289809d96127d

Sharing

Copy URL

Twitter E-mail

General

Target

62f55fe70d1d309090e6a33e00527aed67aa795b12f90452eac289809d96127d
Size

332KB
MD5

81ba5b6e8141a6475648a388632e71bd
SHA1

69a5887cea14d8d88091f0ac71cb143a3f663cd8
SHA256

62f55fe70d1d309090e6a33e00527aed67aa795b12f90452eac289809d96127d
SHA512

e8ab00e60089f2ec0fdec112f8cc7eec2dec12722030c933a16cfb1592ca392985a95a7b9ac41e03576152ab34c1f20a2a367bf243422dde3309662350753ec4
SSDEEP

6144:K4kx4Rku9sHzIfBwzxhDlOBZ6NknOeirlBKKPPcwpbNToAybM1E:K4kBMYziUgBZ6NHe+3PEwhpib+E

Score

N/A

Malware Config

Signatures

Files

62f55fe70d1d309090e6a33e00527aed67aa795b12f90452eac289809d96127d
.dll windows x86

b862122fc63ca697dce6427f2b5f4d88

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
MultiByteToWideChar
BackupWrite
CloseHandle
CreateFileW
GetCurrentProcess
GetProcAddress
SetFilePointerEx
CreateMutexW
WaitForSingleObject
ReleaseMutex
SetFilePointer
InterlockedDecrement
InterlockedIncrement
FileTimeToSystemTime
SetEndOfFile
VirtualFree
VirtualAlloc
TlsAlloc
TlsSetValue
TlsGetValue
GetModuleHandleW
TlsFree

advapi32

WriteEncryptedFileRaw
CloseEncryptedFileRaw
OpenProcessToken
GetTokenInformation
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenEncryptedFileRawW

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Nomemory@std@@YAXXZ

msvcr71

_purecall
??3@YAXPAX@Z
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
_CxxThrowException
__CxxFrameHandler
??_V@YAXPAX@Z
wcslen
wcscpy
wcscat
swprintf
wcsncmp
free
malloc
_wopen
_read
_write
_lseeki64
_close
_telli64
_filelengthi64
_wmkdir
_waccess
_except_handler3
_get_osfhandle
memmove
__RTDynamicCast
qsort
strchr
strncmp
_callnewh
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
__dllonexit
_onexit
_wcsdup

Exports

Exports

CreateImageReader
DeleteImageReader
GetImageReaderCount

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b862122fc63ca697dce6427f2b5f4d88

Headers

File Characteristics

Imports

kernel32

advapi32

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 9KB

.text Size: 160KB - Virtual size: 160KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 160KB - Virtual size: 160KB