b3b983835268595707ed1c4e8f5f2ff52ba67b7a8bf018318d0e171c6373ce62

Sharing

Copy URL Twitter E-mail

General

Target

b3b983835268595707ed1c4e8f5f2ff52ba67b7a8bf018318d0e171c6373ce62
Size

32KB
MD5

711d6f039186feb5194f2f2f86adbca4
SHA1

7ed27d9dc89cdc6bcf3c4ef7adca812416e32597
SHA256

b3b983835268595707ed1c4e8f5f2ff52ba67b7a8bf018318d0e171c6373ce62
SHA512

43165728dc6ff77f559f5c30f42c49ca8502554332f09eaf5045e378b760fa21184719ff36d2603d757e09eb0010a6c5f5ad41ad843ab998923f77baedf9ff82
SSDEEP

192:LcS8qk/bT/t7VVJV/1l4HZlGz4Oa3Xu6CkqDps4pLeDQ/fuQ7:Lc5T/tJVJV/1uZzOWe6QjIDQ/G0

Score

N/A

Malware Config

Signatures

Files

b3b983835268595707ed1c4e8f5f2ff52ba67b7a8bf018318d0e171c6373ce62
.dll windows x86

e362847d6097ce72a81faf64ee0caf01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rtmalapiv01.00

?GetClassNameW@CSystem@@UAEPA_WXZ
?GetType@CSystem@@UAEKXZ
??1CMalSystem@@UAE@XZ
??0CMalSystem@@QAE@XZ
?IsInMal@CMalSystem@@UAEHXZ
?IsMalNode@CMalNode@@UAEHXZ
?CreateChildNode@CMalNode@@UAEPAV1@GG@Z
?GetChildNodeCount@CMalNode@@UAEGXZ
?GetChildNode@CMalNode@@UAEPAVCNode@@G@Z
?ReadChildNodeList@CMalNode@@UAEJPAUIXMLDOMNode@@@Z
?ReadParameter@CNode@@QAEJPA_WPAUtagVARIANT@@@Z
?IsMalNode@CNode@@UAEHXZ
?InitLibrary@CMalNode@@SAJPA_W@Z
?ExitLibrary@CMalNode@@SAJXZ
?ReadParameterList@CMalConfigurationBase@@UAEJPAUIXMLDOMNode@@@Z
?GetChildNodeCount@CMalConfigurationBase@@UAEGXZ
?GetChildNode@CMalConfigurationBase@@UAEPAVCNode@@G@Z
?Clear@CMalConfigurationBase@@QAEXXZ
?ReadChildNodeList@CMalConfigurationBase@@UAEJPAUIXMLDOMNode@@@Z
?GetType@CNode@@UAEKXZ
?IsChannel@CNode@@UAEHXZ
?Init@CNode@@UAEJXZ
?InitForAcquisition@CNode@@UAEJXZ
?ExitFromAcquisition@CNode@@UAEJXZ
??0CMalConfiguration@@QAE@XZ
??1CMalConfiguration@@UAE@XZ
?TraceInformation@CMalConfiguration@@SAXPA_W0@Z
?ReadParameterList@CSystem@@UAEJPAUIXMLDOMNode@@@Z

kernel32

TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CloseHandle
CreateEventW

msvcr80

_amsg_exit
_adjust_fdiv
_initterm
free
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
__dllonexit
_encode_pointer
_unlock
??2@YAPAXI@Z
??3@YAXPAX@Z
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_initterm_e
__CxxFrameHandler3

Exports

Exports

DetectHardware
ExecuteCommand
ExitDriver
FinishAcquisition
GetPacketValue
InitDriver
InitHardware
PrepareAcquisition
ResetHardware
SetCallbacks
SetPacketValue
StartAcquisition
StopAcquisition
SyncHardware

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e362847d6097ce72a81faf64ee0caf01

Headers

File Characteristics

Imports

rtmalapiv01.00

kernel32

msvcr80

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB