48b4a3c21322f54799cbece049a651da9a0c8f34677c65438203c4669de7a9eb

Sharing

Copy URL Twitter E-mail

General

Target

48b4a3c21322f54799cbece049a651da9a0c8f34677c65438203c4669de7a9eb
Size

846KB
MD5

0c1796b595bdc857731db5baf92407f9
SHA1

9869797d86458062ca42493b432600d2a95f470e
SHA256

48b4a3c21322f54799cbece049a651da9a0c8f34677c65438203c4669de7a9eb
SHA512

06993c556b22c8867802d487a1dea8547f483b0185f2a5330a5bed3a5d7a6cc439850b1bab4117f9daab52b8c00bd076601f75b67a81a5bc4a5c33274e2b83e2
SSDEEP

24576:WEblIFYf9+vvQBbzsdvukIBswn/Cs4gezgV:LsYBbzs03mEKL

Score

N/A

Malware Config

Signatures

Files

48b4a3c21322f54799cbece049a651da9a0c8f34677c65438203c4669de7a9eb
.exe windows x86

3c76f54d7e40b5606ea05ffa79fb98e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msdart

?SetSpinCount@CReaderWriterLock3@@QAE_NG@Z
?ConvertExclusiveToShared@CLKRHashTable@@QBEXXZ
??0CSingleList@@QAE@XZ
??0CLockedSingleList@@QAE@XZ
?_TryWriteLock2@CReaderWriterLock3@@AAE_NXZ
?InsertTail@CDoubleList@@QAEXQAVCListEntry@@@Z
?DeleteIf@CLKRHashTable@@QAEKP6G?AW4LK_PREDICATE@@PBXPAX@Z1@Z
?SetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGXN@Z
?sm_wDefaultSpinCount@CReaderWriterLock2@@1GA
??0CFakeLock@@QAE@XZ
?TryReadLock@CFakeLock@@QAE_NXZ
?ReadLock@CSmallSpinLock@@QAEXXZ
?_CmpExch@CReaderWriterLock3@@AAE_NJJ@Z
?ReadOrWriteUnlock@CSpinLock@@QAEX_N@Z
?_CalcKeyHash@CLKRLinearHashTable@@ABEKK@Z
?IsWriteUnlocked@CReaderWriterLock2@@QBE_NXZ

kernel32

GetNumberOfConsoleInputEvents
OpenWaitableTimerA
SetFileApisToOEM
SetFileAttributesW
CopyLZFile
OpenWaitableTimerW
GetConsoleWindow
DefineDosDeviceA
SetNamedPipeHandleState
DosPathToSessionPathA
GetThreadLocale
DeleteVolumeMountPointW
VerifyConsoleIoHandle
EnumDateFormatsExA
HeapReAlloc
SignalObjectAndWait
InitializeCriticalSection
IsProcessInJob
ReplaceFileW
GetCurrentDirectoryA
SetThreadContext
LoadLibraryA
SetFileTime
GetEnvironmentStrings
BaseUpdateAppcompatCache
GlobalReAlloc
GetFullPathNameA
EnumCalendarInfoW
GetComputerNameA
VerLanguageNameW
QueryMemoryResourceNotification
CreateSemaphoreW
SetConsoleMode
WritePrivateProfileSectionW
DebugBreak
GetConsoleCommandHistoryLengthW
QueryPerformanceCounter
SetUnhandledExceptionFilter
EndUpdateResourceA
EnumCalendarInfoExW
FoldStringW
FindNextFileW
GetNamedPipeHandleStateA
IsValidCodePage
GetConsoleCommandHistoryW
VirtualAlloc

dnsapi

DnsNotifyResolver
DnsNameCompareEx_W
DnsFlushResolverCacheEntry_UTF8
Dns_SendEx
DnsAcquireContextHandle_W
DnsDhcpSrvRegisterTerm
DnsReplaceRecordSetW
DnsFreeConfigStructure
Dns_WriteRecordStructureToPacketEx
Dns_AddRecordsToMessage
DnsFree
NetInfo_ResetServerPriorities
Reg_ReadGlobalsEx
DnsUtf8ToUnicode
NetInfo_Clean
NetInfo_Copy
Dns_InitializeMsgRemoteSockaddr
DnsGetPrimaryDomainName_A
DnsApiFree
DnsRecordCopyEx
DnsApiSetDebugGlobals
DnsRecordSetCompare

Sections

.text
Size: 756KB - Virtual size: 755KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c76f54d7e40b5606ea05ffa79fb98e6

Headers

DLL Characteristics

File Characteristics

Imports

msdart

kernel32

dnsapi

Sections

.text Size: 756KB - Virtual size: 755KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 4KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1008B

.text
Size: 756KB - Virtual size: 755KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 4KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1008B