4124a2b3e343b60d8e3db6396bb65ba222ffd72a349a2cadf21d8d5fd4d500e8

Sharing

Copy URL Twitter E-mail

General

Target

4124a2b3e343b60d8e3db6396bb65ba222ffd72a349a2cadf21d8d5fd4d500e8
Size

152KB
MD5

0d9a9f264bb9a75230593a9e56703ef0
SHA1

e390cb1d4b189db1b768617ead2cf047420a716b
SHA256

4124a2b3e343b60d8e3db6396bb65ba222ffd72a349a2cadf21d8d5fd4d500e8
SHA512

06f3e420fff746bed27fa51045515d76dbbcf4a93817ae97df52cf3a681bb0cf089413218114427efc4f4b6bc306a291df308ed6360e20ce9c5f42e31fb5d3b1
SSDEEP

3072:KGABLHH0ta0tO35ed0A91/1riY9Gzd6YYp4nGHMCDnR:KGABry9QpBo1eY9Gzd6Y0MCD

Score

N/A

Malware Config

Signatures

Files

4124a2b3e343b60d8e3db6396bb65ba222ffd72a349a2cadf21d8d5fd4d500e8
.dll windows x86

9b5c8b5bd40636aa03ad838fd4cc39f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyW
RegEnumKeyExA
RegSetValueExA
ChangeServiceConfig2A

version

VerQueryValueW
GetFileVersionInfoSizeW

kernel32

RtlUnwind
GetStringTypeW
LCMapStringW
GetHandleInformation
GetModuleHandleA
IsValidLocale
GetProcAddress
LoadLibraryA
VirtualAlloc
InterlockedDecrement
GlobalReAlloc
GetTickCount
FindResourceW
HeapReAlloc
Sleep
DeleteCriticalSection
LoadResource
lstrcpyA
CreateDirectoryW
HeapFree
CreateMutexA
lstrcpynW
CreateFileMappingW
GetThreadTimes
SearchPathA
SetThreadPriority
GetTempFileNameA
GetCurrentProcessId
SetEvent
GlobalHandle
CompareStringA
QueryPerformanceCounter
SetLastError
lstrcmpiW
ExitProcess
GetShortPathNameW
SizeofResource
HeapCreate
lstrcmpA
MapViewOfFile
LCMapStringA
WideCharToMultiByte
GetModuleFileNameA
GetConsoleMode
VirtualQuery
SetHandleCount
CopyFileA
GetStdHandle
CreateFileW
SetCurrentDirectoryW
GetLastError
InterlockedCompareExchange
CreateThread
ReleaseMutex
GetSystemTime
GetLocaleInfoW
GetLocalTime
GetModuleHandleW
CreateFileMappingA
CloseHandle
CopyFileW
CreateFileA
RaiseException
lstrcmpW
GetACP
GetConsoleCP
FindResourceA
GlobalFree
lstrcpyW
GetCPInfo
IsBadStringPtrW
GetStartupInfoA
GetLocaleInfoA
GetTimeFormatA
GetThreadLocale
GetCurrentThread
WriteFile
ResumeThread
CreateEventW
GetSystemInfo
CreateProcessW
FindResourceExW
GetStringTypeA
HeapAlloc
FreeLibrary
InterlockedIncrement
GetTempFileNameW
WriteConsoleW
lstrcatA
GetCommandLineA
GetVersion
HeapDestroy
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetOEMCP
FlushFileBuffers
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
MultiByteToWideChar

Exports

Exports

Klfegvpcmn

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b5c8b5bd40636aa03ad838fd4cc39f9

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 52KB - Virtual size: 54KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 52KB - Virtual size: 54KB

.reloc
Size: 12KB - Virtual size: 9KB