215c6d869038a2bc0ec9925cc4c6ce0709fa0ee38caaf471670d7d697fe9a38a

Sharing

Copy URL

Twitter E-mail

General

Target

215c6d869038a2bc0ec9925cc4c6ce0709fa0ee38caaf471670d7d697fe9a38a
Size

135KB
MD5

11d37ed46cc51511d7f06962b43796c0
SHA1

251e8fa2287915bd14824aaee039a941e7c6e51c
SHA256

215c6d869038a2bc0ec9925cc4c6ce0709fa0ee38caaf471670d7d697fe9a38a
SHA512

392749b4c0e89f16b4c88025ffc0f59ace44c854f926e9b6e42d19793ed1d0b8c80e299078f9dfaa4fa9e551807288896167197456a3dc9a229317a2426ed540
SSDEEP

3072:pR7HPkdbHiwrFTQ1Ir1Bl8L4ZTgZ3WxbxHlVMvUmVZaIA3:vkbHiaFTsulPLZxrMr

Score

N/A

Malware Config

Signatures

Files

215c6d869038a2bc0ec9925cc4c6ce0709fa0ee38caaf471670d7d697fe9a38a
.dll windows x86

1e3a275b2330989593e14ea3c3e8148a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CloseHandle
InitializeCriticalSection
VirtualFree
HeapAlloc
HeapDestroy
GetCurrentProcess
HeapCreate
ExitProcess
TerminateProcess
TlsGetValue
SetLastError
GetLastError
TlsAlloc
TlsSetValue
TlsFree
GetVersion
GetModuleHandleA
GetCurrentThreadId
GetLocaleInfoW
GetLocaleInfoA
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LoadLibraryA
VirtualAlloc
SetFilePointer
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
GetCPInfo
WriteFile
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCommandLineA
GetProcAddress
DeleteCriticalSection
GetStartupInfoA
GetStdHandle
lstrcpyA
GetFileType
SetHandleCount

user32

CopyRect

gdi32

GetNearestPaletteIndex
RealizePalette
SelectPalette
DeleteObject

ltkrn11n

ord190
ord179
ord192
ord188
ord196
ord189
ord101
ord163
ord134
ord120
ord117
ord123
ord129
ord122
ord100
ord174
ord141
ord125
ord191

lvkrn11n

ord201
ord215
ord206
ord208
ord101
ord247
ord240
ord243
ord212
ord223
ord225
ord232
ord228
ord227
ord233
ord234
ord200
ord203
ord204
ord244
ord221
ord241
ord245
ord219
ord218
ord239
ord222
ord242
ord211
ord210
ord209
ord213
ord112
ord110
ord237
ord100
ord102
ord238
ord214
ord217
ord207
ord216

Exports

Exports

DllMain
fltInfo
fltLoad
fltSave

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e3a275b2330989593e14ea3c3e8148a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ltkrn11n

lvkrn11n

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 13KB - Virtual size: 18KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 13KB - Virtual size: 18KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 56KB - Virtual size: 60KB