cf617e8fc95d0c040fdb7d462181d21e4f988c406c9fb1545eb270030b7e3efa

Sharing

Copy URL

Twitter E-mail

General

Target

cf617e8fc95d0c040fdb7d462181d21e4f988c406c9fb1545eb270030b7e3efa
Size

377KB
MD5

1c39c87663d517ce9d08006167ed5cc3
SHA1

09fcc5bd5aed172db6e9ade461576ba2a81bf8be
SHA256

cf617e8fc95d0c040fdb7d462181d21e4f988c406c9fb1545eb270030b7e3efa
SHA512

d367aaa6f8d25941e7c7e6f9f78f20fed11c8a098e29619428a0b33998d0c5c6ee2e9bdb39d0830bb00dc8663e86c4b0a59c4b7bb128c723bb27157ce1e249b7
SSDEEP

6144:6mNegonFhyT43MVrbAMTJE2LrRohJF3bmNegonFhyT43MVrbAMTJE2LLRohJF:6uxonFgE38NpoHdbuxonFgE38NBoH

Score

N/A

Malware Config

Signatures

Files

cf617e8fc95d0c040fdb7d462181d21e4f988c406c9fb1545eb270030b7e3efa
.dll windows x64

cb1e8ef69caee27749e9f7dc46ee65a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateFileA
GetFileType
SetFileTime
CloseHandle
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
GetCurrentProcessId
ExitProcess
CreateThread
ResumeThread
VirtualAlloc
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
SwitchToFiber
CreateFiber
CreateFileMappingA
OpenFileMappingA
LoadLibraryA
CreateNamedPipeA
WaitNamedPipeA
CreateActCtxA
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
WriteConsoleW
GetStringTypeW
GetModuleHandleExW
SetFilePointerEx
ReadConsoleW
ReadFile
SetEndOfFile
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
DeleteCriticalSection
SetLastError
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
TlsGetValue
TlsSetValue
FreeLibrary
LoadLibraryExW
LCMapStringW
CreateFileW
RaiseException
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FlushFileBuffers
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetStdHandle
MultiByteToWideChar
RtlUnwindEx

api-ms-win-crt-math-l1-1-0

sqrt

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

cbprun

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb1e8ef69caee27749e9f7dc46ee65a4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 7KB - Virtual size: 11KB

.pdata Size: 5KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 28B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 7KB - Virtual size: 11KB

.pdata
Size: 5KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 28B

.reloc
Size: 1KB - Virtual size: 1KB