294e5145491d21597cb5d2af05fcd8ca003049744cf7f07a92855bd3d14e69c8

General

Target

294e5145491d21597cb5d2af05fcd8ca003049744cf7f07a92855bd3d14e69c8
Size

138KB
MD5

320caeec732246ec00705687166a3160
SHA1

9f61c8ecbf78f5903b14875627e85234c6be86c6
SHA256

294e5145491d21597cb5d2af05fcd8ca003049744cf7f07a92855bd3d14e69c8
SHA512

50cafd2362ad34882047a6c904b02cba79dbf4316b9ba9479ea68d11a78b62ef5a5bfd484ebb076ae5271ab2c837b99bc0d5851fb5d91fcd56d656bccfa56c87
SSDEEP

3072:QS7kzow3Ci3hoIdacANvi1MECxYf/nWHN:Qwg3E2acYY/nuN

Score

N/A

Malware Config

Signatures

Files

294e5145491d21597cb5d2af05fcd8ca003049744cf7f07a92855bd3d14e69c8
.dll windows x86

a71cbef37067785042210c794a35d673

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsA
RaiseException
FindFirstFileA
InterlockedCompareExchange
SetThreadContext
FindVolumeMountPointClose
CreateMutexW
CommConfigDialogA
ExpandEnvironmentStringsW
DnsHostnameToComputerNameW
GetProcAddress
MapUserPhysicalPages
GetCurrentProcessId
ReplaceFileA
GetCPInfo
GetCurrentDirectoryW
BindIoCompletionCallback
GetLocaleInfoW
GetSystemDefaultLangID
lstrlenA
OutputDebugStringW
HeapCompact
FindCloseChangeNotification
UpdateResourceW
EnumResourceNamesW
UnlockFile
GetVolumeNameForVolumeMountPointW
SignalObjectAndWait
LoadModule
EnumResourceLanguagesA
GetTimeFormatA
SwitchToThread
SuspendThread
GetSystemInfo
MapViewOfFileEx
GetProfileIntW
GetProfileStringA
FatalAppExitA
CompareStringW
GetAtomNameA
GetThreadContext
SetStdHandle
SetLocalTime
_lread
GetCalendarInfoA
SetCalendarInfoA
SystemTimeToFileTime
GetNumberFormatA
GetSystemTime
FileTimeToSystemTime
DisableThreadLibraryCalls
MoveFileA
GlobalUnfix

advapi32

FreeSid
AllocateAndInitializeSid

Exports

Exports

NaBeginTTooken

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a71cbef37067785042210c794a35d673

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.data Size: 48KB - Virtual size: 75KB

.rsrc Size: 47KB - Virtual size: 47KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 39KB

.data
Size: 48KB - Virtual size: 75KB

.rsrc
Size: 47KB - Virtual size: 47KB

.reloc
Size: 2KB - Virtual size: 1KB