76fe8254573ddff4ac6a76ccbfce64cf4dc281d4bf2e1be61789cec6b3e6b872

Sharing

Copy URL Twitter E-mail

General

Target

76fe8254573ddff4ac6a76ccbfce64cf4dc281d4bf2e1be61789cec6b3e6b872
Size

224KB
MD5

28e8e4184fcd4a39cf6066ecf6aa1480
SHA1

a82f5d715496d9dc82c1d1ac46720c62d6437505
SHA256

76fe8254573ddff4ac6a76ccbfce64cf4dc281d4bf2e1be61789cec6b3e6b872
SHA512

0b78f879ed57f011c2264373391c3dbbe56a7a9c82bad0eb2fd62ba9b7d583d182647f7c464bc3ae6be3965d37ecb869599259f20f2703524c517ab85378cfa9
SSDEEP

3072:k8hLI0FpkquF/dUVvO0sqJ+vibsIyPz7yaRJNR6Uov5b+Std4uP:7UYpkd1yp+vqsIkz7RUb2

Score

N/A

Malware Config

Signatures

Files

76fe8254573ddff4ac6a76ccbfce64cf4dc281d4bf2e1be61789cec6b3e6b872
.dll windows x86

dd8ba451adc29c6b21b8f8a2d4af29a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
InterlockedCompareExchange
GetTickCount
Sleep
CreateFileA
WriteFile
FileTimeToSystemTime
FindFirstFileA
GetLocalTime
FindNextFileA
GetCurrentThreadId
OutputDebugStringA
CloseHandle
DeleteFileA
SetEvent
CreateEventA
GetLastError
TerminateThread
CreateThread
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
WaitForSingleObject
CreateEventW
WaitForMultipleObjects
SignalObjectAndWait
ResetEvent
InterlockedExchangeAdd
CreateMutexA
ReleaseMutex
VirtualQuery
GetModuleFileNameA
SetEndOfFile
ReadFile
GetModuleHandleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineA
RaiseException
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
GetStdHandle
WideCharToMultiByte
GetTimeZoneInformation
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
HeapSize
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetProcessHeap

ole32

CoInitialize
CoUninitialize
CoCreateGuid

shlwapi

PathIsDirectoryA

Exports

Exports

GDP_manager
destroy

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd8ba451adc29c6b21b8f8a2d4af29a5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 9KB - Virtual size: 22KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 9KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 9KB - Virtual size: 22KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 9KB

.rmnet
Size: 56KB - Virtual size: 60KB