3fabb5ad59bb92ba2b5ef450f89ffa32f601d9eedd1b707fa9fcbe5bbbf43d1d

Sharing

Copy URL Twitter E-mail

General

Target

3fabb5ad59bb92ba2b5ef450f89ffa32f601d9eedd1b707fa9fcbe5bbbf43d1d
Size

224KB
MD5

021319d9d4ab04fcbf3eeaa74ef088c0
SHA1

f59861253fb0322d08f5e8032fb67fe8c752f30a
SHA256

3fabb5ad59bb92ba2b5ef450f89ffa32f601d9eedd1b707fa9fcbe5bbbf43d1d
SHA512

85e4cd2310cb8a777922d81388371bbaa1cc16505a1776b6f13a93b82095001b838ccf8388d336114a64a1f269766f137fc89bd6088b6e62c1b584ac20767dc4
SSDEEP

3072:dodjcuuKORAbMT0pkl6Yif/HarIZAz8Kn8Qrh3PY9LlVPf/VYcf:do9yRAbugYinar+Kn8MhkPVY

Score

N/A

Malware Config

Signatures

Files

3fabb5ad59bb92ba2b5ef450f89ffa32f601d9eedd1b707fa9fcbe5bbbf43d1d
.dll windows x86

d5f7ed142b342d96e4d59899c3bc5257

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
CloseHandle
DeleteCriticalSection
EnterCriticalSection
FoldStringA
GetCurrentProcess
GetCurrentThread
GetFileAttributesW
GetLastError
GetLongPathNameW
InterlockedCompareExchange
InterlockedExchange
LeaveCriticalSection
LocalAlloc
LocalFree
LockFile
RaiseException
SetDefaultCommConfigA
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
lstrlenW
IsBadReadPtr
ExitProcess
GetProcAddress
GetModuleHandleA
GetLogicalDrives
WideCharToMultiByte
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryW
GetFullPathNameW
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
FatalAppExitA
WriteConsoleA
CreateFileA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
SetFilePointer
RtlUnwind
VirtualQuery
InitializeCriticalSection
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
VirtualProtect
GetSystemInfo
LoadLibraryA
SetStdHandle
IsBadCodePtr
GetTimeZoneInformation
FlushFileBuffers
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetFileAttributesA
GetLocaleInfoW
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA

ole32

CoTaskMemFree
CoRevertToSelf
CLSIDFromString

oleaut32

VarI2FromR4
VariantCopy
SysReAllocString
BSTR_UserUnmarshal
BSTR_UserMarshal

user32

UnregisterClassA
EndPaint
DdeClientTransaction

Exports

Exports

eojqjtwfpux

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5f7ed142b342d96e4d59899c3bc5257

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 56KB - Virtual size: 66KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 56KB - Virtual size: 66KB

.reloc
Size: 12KB - Virtual size: 9KB