1b2e7394529f695a1c7a0a0394b8594546181a27311edd499b896350d41074c8

General

Target

1b2e7394529f695a1c7a0a0394b8594546181a27311edd499b896350d41074c8
Size

93KB
MD5

093a5123c80c16d46a0b1a544734efe5
SHA1

924816a5e03cda16c1d5fc9b376a5636914968dd
SHA256

1b2e7394529f695a1c7a0a0394b8594546181a27311edd499b896350d41074c8
SHA512

f9c79a6b1b935f9e30c999c3c6fdf56febe828d25653090fa95a8695508e5d9e3d151b4e67e6304ff74a39cbd2426ae796be3c15972a35cca13d3362c70f9f63
SSDEEP

1536:1Jxyg/4tLFPTIfuoaDiCSk8sDZiwNAv9CaBMkZem5gAO5Cte:zF/cLBTCuodhk8sd9NAv9CPksm5gAKCg

Score

N/A

Malware Config

Signatures

Files

1b2e7394529f695a1c7a0a0394b8594546181a27311edd499b896350d41074c8
.dll windows x86

81757bf5fac3a84ab2b9afd4205c02a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

hpltkrn14nu

ord192
ord212
ord188
ord189
ord196
ord137
ord175
ord125
ord126
ord101
ord109
ord179
ord158
ord284
ord191
ord190
ord282
ord283
ord100
ord129
ord141
ord285

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
SetLastError
InterlockedExchange
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
FreeLibrary
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetCurrentThreadId

user32

SetRect

gdi32

SetBkMode
DeleteDC
PatBlt
SetTextAlign
SetTextColor
SelectObject
CreateCompatibleDC
DeleteObject
CreateBitmap
GetBitmapBits

msvcr80

_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_initterm_e
_initterm
_decode_pointer
free
_encoded_null
_malloc_crt
_encode_pointer
memcpy
memset
_amsg_exit

Exports

Exports

DllMain
fltComment
fltDeletePage
fltInfo
fltLoad
fltSave

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81757bf5fac3a84ab2b9afd4205c02a7

Headers

File Characteristics

Imports

hpltkrn14nu

kernel32

user32

gdi32

msvcr80

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 65KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 65KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB