64b9cb10b41c3d0479f88a8387c119097d36f9386869ee35aca26ff787a3b004

Sharing

Copy URL Twitter E-mail

General

Target

64b9cb10b41c3d0479f88a8387c119097d36f9386869ee35aca26ff787a3b004
Size

554KB
MD5

104799fa7dd69adbcdcf5ccfdc5e4a77
SHA1

78a5a6e14620a5c0a36e7230b1536ca2ede19fec
SHA256

64b9cb10b41c3d0479f88a8387c119097d36f9386869ee35aca26ff787a3b004
SHA512

e75c24d8de6640d67f0ee4888c6a0e835090bb2a3818d3cdb9f3fa192cd52880782d5890062a37bbecff26031eb1df8906d337472229b5507616c2a9143b551a
SSDEEP

12288:IBmKVr31+g2ifpS7Evy3dpk5DEnJh18/r40eU:IBmsr3xyNpkZEJh1Ur4fU

Score

N/A

Malware Config

Signatures

Files

64b9cb10b41c3d0479f88a8387c119097d36f9386869ee35aca26ff787a3b004
.dll windows x86

e51a309848d5c8b25a98aac895fc30c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

xpcom

NS_GetServiceManager
NS_CStringContainerInit
NS_CStringContainerFinish
NS_CStringContainerInit2
NS_StringContainerInit2
NS_StringSetData
NS_StringGetData
NS_StringContainerFinish

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

GetCurrentProcessId
CloseHandle
SetEvent
CreateEventA
GetModuleHandleW
SetStdHandle
GetCurrentDirectoryW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetVersionExW
GetCurrentProcess
GetProcAddress
FreeLibrary
WaitForSingleObject
TerminateProcess
GetCurrentThreadId
LoadLibraryW
GetLocaleInfoW
LocalFree
GetModuleFileNameW
GetFullPathNameW
GetDriveTypeW
SetFilePointer
CreateFileW
GetLongPathNameW
SetLastError
WriteFile
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
lstrlenA
OutputDebugStringW
GetProcessHeap
HeapAlloc
HeapFree
ReleaseSemaphore
InterlockedCompareExchange
DuplicateHandle
CreateSemaphoreA
InterlockedIncrement
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
TlsAlloc
TlsFree
TlsGetValue
OpenEventA
ResetEvent
TlsSetValue
GetTickCount
SystemTimeToFileTime
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerA
FormatMessageA
HeapDestroy
HeapReAlloc
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
WriteConsoleW
GetFileType
GetStdHandle
GetCommandLineA
RtlUnwind
GetCPInfo
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
HeapCreate
ExitProcess
SetHandleCount
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InterlockedDecrement

user32

PostMessageW
SendMessageW
DestroyWindow
RegisterClassExW
IsWindow
GetGUIThreadInfo
DefWindowProcW
EnumWindows
GetWindow
CreateWindowExW
GetWindowLongW
GetClassNameW
GetWindowThreadProcessId

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysAllocString

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Exports

Exports

NSGetModule
NSModule

Sections

.text
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e51a309848d5c8b25a98aac895fc30c0

Headers

DLL Characteristics

File Characteristics

Imports

xpcom

version

kernel32

user32

ole32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 351KB - Virtual size: 351KB

.rdata Size: 69KB - Virtual size: 68KB

.data Size: 16KB - Virtual size: 24KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 53KB - Virtual size: 52KB

.text Size: 62KB - Virtual size: 64KB

.text
Size: 351KB - Virtual size: 351KB

.rdata
Size: 69KB - Virtual size: 68KB

.data
Size: 16KB - Virtual size: 24KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 53KB - Virtual size: 52KB

.text
Size: 62KB - Virtual size: 64KB