560209dc3bdf98e35340acf99f7db329881bbee864746324a862c926837f3545

Sharing

Copy URL Twitter E-mail

General

Target

560209dc3bdf98e35340acf99f7db329881bbee864746324a862c926837f3545
Size

296KB
MD5

0870074c42cc39da0c0c09319a427dc0
SHA1

b88a219467bcdfbf881444f6ed2a5d64a1f13ec0
SHA256

560209dc3bdf98e35340acf99f7db329881bbee864746324a862c926837f3545
SHA512

dfe4ad9b35b98ddcff1ff92d4a47252b606ea1bca67f28d1667c5cd68946e63845c8ddf9e14a61b9b932b0da57ffb539a596e8bf22aa30d4292d43282941fec8
SSDEEP

6144:I4aCIkuRB0lNiif3OTL6grAOttxtdEdQioyg:I4MkXziAOTL6grftdEdQ1v

Score

N/A

Malware Config

Signatures

Files

560209dc3bdf98e35340acf99f7db329881bbee864746324a862c926837f3545
.dll windows x86

9b4e89b1f30527c53c49ea1b46ff4dee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SetFilePointer
CreateFileW
FindClose
FindFirstFileW
InterlockedExchange
GetACP
GetLocaleInfoA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
InterlockedExchangeAdd
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
GlobalFree
GlobalUnlock
GetModuleFileNameW
CreateDirectoryA
GetFileAttributesA
CreateDirectoryW
GetFileAttributesW
TlsSetValue
GetProcAddress
GetModuleHandleW
FreeLibrary
ReleaseMutex
UnmapViewOfFile
FindCloseChangeNotification
InterlockedDecrement
WaitForSingleObject
TlsFree
GetCurrentThreadId
MultiByteToWideChar
lstrcpyW
OutputDebugStringW
WideCharToMultiByte
GetCurrentProcessId
FindNextFileW
GetLastError
GlobalLock
GlobalAlloc
FlushFileBuffers
WritePrivateProfileStringW
WriteFile
GetTempPathA
WritePrivateProfileStringA
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
CopyFileW
MoveFileW
MapViewOfFile
CreateFileMappingW
ExitProcess
CreateMutexW
TerminateProcess
GetCurrentProcess
FindFirstChangeNotificationW
GetLocalTime
TlsGetValue
TlsAlloc
LoadLibraryW
GetSystemInfo
GetTickCount
LoadLibraryA
GetTimeZoneInformation
GetOEMCP
GetProcessHeap
SetEnvironmentVariableA
CompareStringW
IsBadCodePtr
CompareStringA
GetDriveTypeA
GetLocaleInfoW
SetStdHandle
GetCurrentDirectoryW
DeleteFileW
CloseHandle
InterlockedIncrement
RtlUnwind
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetCommandLineA
GetVersionExA
HeapAlloc
LCMapStringA
LCMapStringW
GetCPInfo
SetUnhandledExceptionFilter
SetLastError
GetModuleHandleA
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetFullPathNameW
GetCurrentDirectoryA
VirtualProtect
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr

user32

MessageBoxW
wsprintfW

ole32

CoUninitialize
CoInitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wintrust

WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvCertFromChain

crypt32

CertGetNameStringW

Exports

Exports

XvClose
XvGcid
XvMediaDataSize
XvOpenA
XvOpenW
XvRead
XvVersion

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9b4e89b1f30527c53c49ea1b46ff4dee

Headers

File Characteristics

Imports

kernel32

user32

ole32

version

wintrust

crypt32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 12KB - Virtual size: 11KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 12KB - Virtual size: 11KB

.rmnet
Size: 60KB - Virtual size: 60KB