2f663b37afcb10bb6e6a16bccd8beb914bab3e3271d3a9c0b72e52c270fdd03b

Sharing

Copy URL

Twitter E-mail

General

Target

2f663b37afcb10bb6e6a16bccd8beb914bab3e3271d3a9c0b72e52c270fdd03b
Size

130KB
MD5

43e1f6ffc5cb49345678bcc460876ba0
SHA1

bdee4fb7f6ae57558adccc54b2e600164e95cc3f
SHA256

2f663b37afcb10bb6e6a16bccd8beb914bab3e3271d3a9c0b72e52c270fdd03b
SHA512

7a0b6a46f3f271a8233b40ab1a4aca0250c12ab6b249e7c6a08e7433d4b6b168e119e05cbbcd97fa1f5abb0d0f96858dd948e5b345d6eee18b48a4f85ae63012
SSDEEP

3072:KjpG5EqwYpkUagFqiagA2DMNvuScvONpPmIYhJLo1s3dKxC5RyPu9ahCgsVZuBiL:KjpG5EqwYpkUagFqNgA2DMNvuScvONpw

Score

N/A

Malware Config

Signatures

Files

2f663b37afcb10bb6e6a16bccd8beb914bab3e3271d3a9c0b72e52c270fdd03b
.dll windows x86

f86b5f7bace2bc02aaabcd186cfb7b63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

iswctype
calloc
isdigit
mbtowc
isleadbyte
isxdigit
localeconv
_snprintf
_itoa
wctomb
wcstombs
realloc
__badioinfo
__pioinfo
_read
_fileno
_lseeki64
_write
_isatty
ungetc
strncmp
wcsrchr
_wcsicmp
_wcsnicmp
wcstoul
_amsg_exit
_initterm
free
malloc
_XcptFilter
_iob
__mb_cur_max
??3@YAXPAX@Z
wcschr
_vsnwprintf
_wcsupr
_wcslwr
_errno
__CxxFrameHandler
_wtoi64
wcsstr
_purecall
memset
_ui64tow
memcpy
??2@YAPAXI@Z
ferror

ntdll

RtlFreeSid
NtQuerySymbolicLinkObject
RtlGetVersion
RtlUnwind
RtlGUIDFromString
RtlDosPathNameToNtPathName_U
RtlAllocateHeap
RtlInitUnicodeString
RtlStringFromGUID
RtlFreeHeap
NtQuerySystemInformation
RtlFreeUnicodeString
NtClose
NtWaitForSingleObject
NtDeviceIoControlFile
NtCreateEvent
NtOpenFile
NtOpenKey
NtEnumerateKey
NtSetEvent
NtQueryAttributesFile
NtUnloadKey
NtLoadKey
NtAdjustPrivilegesToken
NtOpenProcessToken
NtOpenThreadToken
NtOpenSymbolicLinkObject
RtlSetOwnerSecurityDescriptor
RtlLengthSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
RtlAddAccessAllowedAceEx
RtlCreateAcl
RtlLengthSid
RtlAllocateAndInitializeSid
NtSetSecurityObject
NtCreateKey
NtDeleteValueKey
NtQueryValueKey
NtSetValueKey
NtSaveKey
NtCreateFile
NtDeleteKey
NtAllocateUuids
LdrGetProcedureAddress
RtlInitAnsiString
NtOpenSection
NtDeleteFile
NtQueryInformationFile
NtMapViewOfSection
NtOpenEvent

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
OutputDebugStringA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleFileNameW
GetLastError
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemAlloc

oleaut32

RegisterTypeLi
LoadTypeLi

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f86b5f7bace2bc02aaabcd186cfb7b63

Headers

File Characteristics

Imports

msvcrt

ntdll

kernel32

advapi32

ole32

oleaut32

Sections

.text Size: 100KB - Virtual size: 99KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 23KB - Virtual size: 23KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 100KB - Virtual size: 99KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 23KB - Virtual size: 23KB

.reloc
Size: 4KB - Virtual size: 3KB