85ef2c464ecdbacd88c30da520d3793628d044536162ce8fa8785cf2adab6f41

Sharing

Copy URL Twitter E-mail

General

Target

85ef2c464ecdbacd88c30da520d3793628d044536162ce8fa8785cf2adab6f41
Size

160KB
MD5

0cc27ea49eb8b8b14dc0d116405e3760
SHA1

fb95dbf31a8e3f4cc0aaee1843cddaadfbc766fc
SHA256

85ef2c464ecdbacd88c30da520d3793628d044536162ce8fa8785cf2adab6f41
SHA512

ff379a183d9e77a622060790d53e8f04ef81fc42335fd0182ae50dc53c5e24dfe1ef99e8a8804eaad9a0e79a3f3a990be53a35a4de874fe976013bdb2d0b8d02
SSDEEP

3072:fAAUaifyqhfljfwcdkdKrcCis+zkudoOh55aS9omcFLFZ:fAAUa2yqVxtkdGbitzxh55aocFx

Score

N/A

Malware Config

Signatures

Files

85ef2c464ecdbacd88c30da520d3793628d044536162ce8fa8785cf2adab6f41
.dll windows x86

f97878c410d4f892a0e0db0a53ae077f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
RegEnumKeyExW
RegSetValueExW
CloseServiceHandle
RegDeleteKeyA
RegDeleteValueW
RegCloseKey
EqualSid
RegDeleteValueA
GetTokenInformation
RegSetValueExA

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA

kernel32

RtlUnwind
GetStringTypeW
GetStringTypeA
IsValidLocale
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetHandleInformation
VirtualAlloc
LCMapStringW
RaiseException
ExpandEnvironmentStringsA
GetThreadLocale
EnumSystemLocalesA
GetFileTime
IsValidCodePage
MapViewOfFile
ExitThread
GetVersion
lstrcpyW
LoadResource
LCMapStringA
LoadLibraryW
GetCurrentProcessId
SetFilePointer
ExitProcess
GetCurrentDirectoryA
lstrcmpA
CompareStringA
FormatMessageA
CreateDirectoryW
CreateEventW
lstrlenW
FindResourceW
IsBadWritePtr
GetVersionExW
GetStartupInfoA
SizeofResource
GetProcessHeap
SetLastError
DeleteCriticalSection
GetTempFileNameA
SearchPathW
Sleep
HeapSize
SetCurrentDirectoryA
SuspendThread
GetCPInfo
WaitForSingleObject
InterlockedDecrement
SetEvent
InterlockedExchange
CopyFileA
lstrcatA
SetStdHandle
InterlockedIncrement
CreateFileMappingW
SetEnvironmentVariableA
WriteConsoleW
CreateProcessA
GetStdHandle
LeaveCriticalSection
LocalFree
CreateMutexW
GlobalFree
GetStartupInfoW
GlobalHandle
lstrcmpW
CreateThread
GetLocalTime
lstrcpyA
lstrcmpiA
GetSystemTime
HeapAlloc
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
EnterCriticalSection
FatalAppExitA
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetFileType
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetACP
GetOEMCP
FlushFileBuffers
SetEndOfFile
ReadFile
MultiByteToWideChar

Exports

Exports

HBIE

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f97878c410d4f892a0e0db0a53ae077f

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 52KB - Virtual size: 54KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 52KB - Virtual size: 54KB

.reloc
Size: 12KB - Virtual size: 11KB