36d65b79dfd5ca03d3665ff1874a9aae1ba0d4c8fb8355e3e23769c74a827fd6

Sharing

Copy URL Twitter E-mail

General

Target

36d65b79dfd5ca03d3665ff1874a9aae1ba0d4c8fb8355e3e23769c74a827fd6
Size

280KB
MD5

018d1004ef0a279d81e14e2b60817154
SHA1

f3364ec355f3f7577d14fec20bc62e9bf7dc2106
SHA256

36d65b79dfd5ca03d3665ff1874a9aae1ba0d4c8fb8355e3e23769c74a827fd6
SHA512

c81b9809ad5fc052096119f4f3168fcdf96c01e811323c1d7bc492d3b6ddd249a58442ed089dc521fc596a9c69d33b1797aada520afc88c6fc8e5fed9b558042
SSDEEP

6144:pKZp3KNjVtvLKRurKKKcKKKKKKKKKKKKKKKKKKKKKKKKKz2NKwoK/QLIt8n8u3u/:pCxKNj7O2sQQLI6hsf3

Score

N/A

Malware Config

Signatures

Files

36d65b79dfd5ca03d3665ff1874a9aae1ba0d4c8fb8355e3e23769c74a827fd6
.dll windows x86

a68d51a78b7115c1573487ba15fe0cde

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetFileAttributesExW
CloseHandle
CreateProcessW
InterlockedIncrement
InterlockedDecrement
RtlUnwind
RaiseException
ExitProcess
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WriteFile
FlushFileBuffers
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
InterlockedExchange
VirtualQuery
InitializeCriticalSection
SetStdHandle
ReadFile
CreateFileW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEndOfFile
VirtualProtect
GetSystemInfo
GetLocaleInfoW

shell32

ShellExecuteExW
SHGetFolderPathW

Exports

Exports

DisplayAdobeHelpClientPage
GetAdobeHelpClientVersion
InitializeAdobeHelpClient

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a68d51a78b7115c1573487ba15fe0cde

Headers

File Characteristics

Imports

kernel32

shell32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 944B

.reloc Size: 8KB - Virtual size: 5KB

.text Size: 168KB - Virtual size: 168KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 944B

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 168KB - Virtual size: 168KB