3e06d99c26aa7daf9040937a2bd8c1ea0f274abb70c798f5859db4ca4fc310f2

Sharing

Copy URL Twitter E-mail

General

Target

3e06d99c26aa7daf9040937a2bd8c1ea0f274abb70c798f5859db4ca4fc310f2
Size

207KB
MD5

130adef711689e8e7b70ddf50524e230
SHA1

6c53810fa89a6648d32a9340400d503f91f22c8c
SHA256

3e06d99c26aa7daf9040937a2bd8c1ea0f274abb70c798f5859db4ca4fc310f2
SHA512

468805cbb48859a3be8e3db020f91f3a8a239194e71d0d7c6f0192d507d4c15b64ca1bd2f0a7505a104062ae0a074b1331b5168ed984305c3451e9c5ebbd4754
SSDEEP

3072:VDUbu/GsVwSPe9VSIFLwfc9TBfNTd5WnxrXmSFB9srb3+Sbzm:ZU3WwSy8c9TBdGn1h8L+Sf

Score

N/A

Malware Config

Signatures

Files

3e06d99c26aa7daf9040937a2bd8c1ea0f274abb70c798f5859db4ca4fc310f2
.dll windows x86

e07f48095153d0e038099b8d719882cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetLastError
HeapAlloc
GetProcessHeap
WideCharToMultiByte
HeapFree
CreateFileW
CloseHandle
GetFileSize
WriteFile
ReadFile
HeapReAlloc
SetFilePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetStdHandle
GetModuleFileNameA
LCMapStringA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetConsoleCP
GetConsoleMode
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers

pluginkernel

ord2

commonlib

?GetDataLength@CMyBuffer@Buffer@Common@@QBEHXZ
?ToArray@CMyBuffer@Buffer@Common@@QBEPBDXZ
ord1
??1CMyBuffer@Buffer@Common@@QAE@XZ
??0CMyBuffer@Buffer@Common@@QAE@XZ
ord2

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e07f48095153d0e038099b8d719882cc

Headers

File Characteristics

Imports

kernel32

pluginkernel

commonlib

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 7KB - Virtual size: 7KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 7KB - Virtual size: 7KB

.rmnet
Size: 56KB - Virtual size: 60KB