0e4ff5fcef556f8b23addbbb1f2eb1b884f455684de5828b7dbe4674f3b1935f

Sharing

Copy URL Twitter E-mail

General

Target

0e4ff5fcef556f8b23addbbb1f2eb1b884f455684de5828b7dbe4674f3b1935f
Size

86KB
MD5

0c55348c387d85afc0c5a2b76b9deb80
SHA1

ea0df5ff50dad8edc0c93d6a1cac1e793a9060f9
SHA256

0e4ff5fcef556f8b23addbbb1f2eb1b884f455684de5828b7dbe4674f3b1935f
SHA512

7703a3c49b8d5640083fd3c4ed1186762cf6bb064b6b7bda49fd42c4329b1c791be943ffe074b3806e1b76e0eae975f16ef0d45eacba43fc855332804aeb8f57
SSDEEP

1536:42TyYkw2R7gOZfc3dTkt/iydZQMjgx3lN/yUP0/4E:d+Ys7gOZfctTaaUwx3l4iM4E

Score

N/A

Malware Config

Signatures

Files

0e4ff5fcef556f8b23addbbb1f2eb1b884f455684de5828b7dbe4674f3b1935f
.dll windows x86

4180904223cd38f5273bc42c244fdf19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
SMapLS_IP_EBP_8
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer
GetACP
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
SMapLS_IP_EBP_8
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Exports

Exports

_GetIDT_If32@8
_GetRMInts_If32@8
_GetV86Vector_If32@12
_GetVectors_If32@8
_InitIV_32@12
_InitVectors_32@8
_IsLoadComplete_32@4
_SetIDT_If32@8
_SetV86Vector_If32@12
_SetVectors_If32@16
thk_ThunkData32

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4180904223cd38f5273bc42c244fdf19

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 10KB - Virtual size: 15KB

.reloc Size: 1KB - Virtual size: 1KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 10KB - Virtual size: 15KB

.reloc
Size: 1KB - Virtual size: 1KB

.rmnet
Size: 56KB - Virtual size: 60KB