381c0c8905db10fdb239d0c06b5a525b6da4d3883dc7d5afd31e0260812b821b

Sharing

Copy URL Twitter E-mail

General

Target

381c0c8905db10fdb239d0c06b5a525b6da4d3883dc7d5afd31e0260812b821b
Size

144KB
MD5

0904c9d5f692ba7580030a8007454b70
SHA1

c4a9ad7b76ef8ec955a9c4dd118f36186309aa2e
SHA256

381c0c8905db10fdb239d0c06b5a525b6da4d3883dc7d5afd31e0260812b821b
SHA512

438b1e87c5529afe9a494948ed6a46a9273012956f158ff94698de32a162e5989ba65efe3d985b50b3400a37c10c0fe79dfaaa88c52f25c222528baf050150a9
SSDEEP

3072:pXT39tH99ToEADyttL92DNL+TUqzr3P81eFOPNT5WgeC:pD7dGzebPgerUMo1eC

Score

N/A

Malware Config

Signatures

Files

381c0c8905db10fdb239d0c06b5a525b6da4d3883dc7d5afd31e0260812b821b
.dll windows x86

211fca7834cf4211e69421c0c245a9b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
WaitForSingleObject
CreateRemoteThread
CreateProcessA
FlushInstructionCache
GetProcAddress
VirtualProtectEx
VirtualAllocEx
GetModuleHandleA
CloseHandle
WriteProcessMemory
SuspendThread
ResumeThread
VirtualQuery
FreeLibrary
GetCurrentProcess
GetEnvironmentStrings
GetModuleFileNameW
SetThreadContext
LoadLibraryA
VirtualProtect
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
WriteFile
WideCharToMultiByte
CreateFileMappingA
LoadLibraryExW
InterlockedIncrement
TlsSetValue
LoadLibraryW
TerminateProcess
LoadLibraryExA
TlsAlloc
TlsFree
DeleteFileA
SetLastError
GetThreadContext
IsBadReadPtr
SetUnhandledExceptionFilter
GetLastError
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
ExitProcess
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetACP
GetOEMCP
InitializeCriticalSection
GetSystemInfo
LCMapStringA
LCMapStringW
HeapSize
IsBadCodePtr

forcedll

ForceDLL

d3d8

Direct3DCreate8

d3d9

Direct3DCreate9

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MY_SHARE
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

211fca7834cf4211e69421c0c245a9b2

Headers

File Characteristics

Imports

kernel32

forcedll

d3d8

d3d9

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 4KB

MY_SHARE Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 752B

.reloc Size: 8KB - Virtual size: 5KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 4KB

MY_SHARE
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 752B

.reloc
Size: 8KB - Virtual size: 5KB

.rmnet
Size: 60KB - Virtual size: 60KB