bcfd90972bc96b9301e2be7f81918bc5733e35dab0faee7859be2beb4f456eff

Sharing

Copy URL Twitter E-mail

General

Target

bcfd90972bc96b9301e2be7f81918bc5733e35dab0faee7859be2beb4f456eff
Size

82KB
MD5

daba3b0d2c8dd87c070de3085981852e
SHA1

e695e29f81ef6870629edc60f94b0eb7ac9253a5
SHA256

bcfd90972bc96b9301e2be7f81918bc5733e35dab0faee7859be2beb4f456eff
SHA512

979c380ba5541553dbf0a6b2a0f82ee558aac1a978a16debd878b3962f82a6cedb514acc957d3bfa6b0a470a54df97dad233b8d3f202fb9f9df9046d92119a53
SSDEEP

1536:dbTy9ZyS7Qja/UG0XWgqMBZlSIPTT/rLey8xPklXpSgn:dqynja8G0XWgqMBrSIbT/veLxkXggn

Score

N/A

Malware Config

Signatures

Files

bcfd90972bc96b9301e2be7f81918bc5733e35dab0faee7859be2beb4f456eff
.dll windows x86

120f39d004e9d989fa364a29a8f22776

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
EnterCriticalSection
MultiByteToWideChar
FileTimeToSystemTime
SystemTimeToFileTime
lstrcpyA
GlobalFree
GlobalLock
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
FlushFileBuffers
SetStdHandle
LoadLibraryA
SetFilePointer
GetLastError
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetStdHandle
GetFileType
SetHandleCount
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetModuleHandleA
GetProcAddress
GetCommandLineA
HeapFree
WideCharToMultiByte
LeaveCriticalSection
HeapAlloc

ole32

CoTaskMemFree
StgCreateDocfile
StgOpenStorage

ltkrn13n

ord196
ord110
ord111
ord162
ord282
ord283

lffpx7

ord57
ord55
ord58
ord56
ord54
ord50
ord64
ord49
ord60
ord23
ord20
ord36
ord126
ord33
ord31
ord29
ord17
ord66
ord68
ord70
ord72
ord74
ord76
ord140
ord141
ord59
ord61
ord63
ord65
ord67
ord69
ord71
ord73
ord75
ord77
ord2
ord10
ord5
ord7
ord3
ord47
ord53
ord62
ord51

Exports

Exports

DllMain
fltDeletePage
fltEnumDimensions
fltGetComment
fltGetDimension
fltGetStamp
fltGetTransforms
fltInfo
fltLoad
fltSave
fltSetComment
fltSetStamp
fltSetTransforms
fltSizeComment

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

120f39d004e9d989fa364a29a8f22776

Headers

File Characteristics

Imports

kernel32

ole32

ltkrn13n

lffpx7

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 7KB - Virtual size: 11KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 7KB - Virtual size: 11KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB