bd1795e11e68d7386464d759954c87d835e07957025503c287862c7ebc97f628

Sharing

Copy URL Twitter E-mail

General

Target

bd1795e11e68d7386464d759954c87d835e07957025503c287862c7ebc97f628
Size

360KB
MD5

a0ec6a66b5080c572677111032644f53
SHA1

240f07153bc299db4261af00a82594e492c890ac
SHA256

bd1795e11e68d7386464d759954c87d835e07957025503c287862c7ebc97f628
SHA512

b330cf572169c7a57f1157c7a79198e0f98860673157ff73cd5c8bbc363831c9ec75f0b84ff6538c4a5809245a299cb4ed94ad1c4b04d95278b457561bfeb1a2
SSDEEP

6144:xqYmWAAdXKM/Wx4wMoZq4lBgOHe8sAOwrpGk7Gx:4YmAdXTn7oIO+8sOpGIGx

Score

N/A

Malware Config

Signatures

Files

bd1795e11e68d7386464d759954c87d835e07957025503c287862c7ebc97f628
.dll windows x86

7ab6a58e9c7efff3efe184cbb2efe104

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
CreateFileA
CloseHandle
FlushFileBuffers
GetLocaleInfoW
CompareStringA
CompareStringW
GetModuleFileNameA
GetModuleFileNameW
OutputDebugStringA
GetACP
WideCharToMultiByte
GetVersionExA
GetLastError
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThreadId
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
WriteFile
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
GetModuleHandleW
GetCPInfo
GetOEMCP
Sleep
SetFilePointer
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
SetEnvironmentVariableA

user32

FillRect
GetDesktopWindow
MessageBoxA
CheckRadioButton
GetWindowLongA
CreateDialogParamA
SetParent
SetWindowLongA
GetWindowRect
MoveWindow
ShowWindow
SetDlgItemTextA
IsWindow
DestroyWindow

gdi32

SelectPalette
SetMiterLimit
WidenPath
StrokePath
SelectClipPath
GetClipBox
GetStockObject
Rectangle
SetTextAlign
SetTextColor
SetBkMode
CreateRectRgnIndirect
CombineRgn
BeginPath
ExtTextOutA
EndPath
SetPolyFillMode
FillPath
ExtTextOutW
CreatePen
ExtCreatePen
MoveToEx
LineTo
CreateCompatibleDC
DeleteDC
BitBlt
MaskBlt
SelectObject
SaveDC
RestoreDC
SelectClipRgn
SetBrushOrgEx
PatBlt
SetROP2
StretchDIBits
SetStretchBltMode
DeleteObject

Exports

Exports

DllMain
GetClass
InstallModule
RunKXModuleCmd

Sections

.text
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ab6a58e9c7efff3efe184cbb2efe104

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 221KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 72KB - Virtual size: 77KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 224KB - Virtual size: 221KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 72KB - Virtual size: 77KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 8KB