80de4b8695b42854e63ec2e1834510c86881510cce5d11b02a563aa077dbfba7

Sharing

Copy URL Twitter E-mail

General

Target

80de4b8695b42854e63ec2e1834510c86881510cce5d11b02a563aa077dbfba7
Size

383KB
MD5

6de1be4520de7be9571a52d8c091761a
SHA1

95956be1613d13f5f87341430fcf201df8fc09a7
SHA256

80de4b8695b42854e63ec2e1834510c86881510cce5d11b02a563aa077dbfba7
SHA512

430934b08543f2bbdec8423abd2578e072443414efd5bc5ee338e530ef04508912c879560f9b1abf4ba9d01f22159534538d4e47e57cec18f4a4e5b94249d52e
SSDEEP

6144:EKaHJY/VwBmtrM9y+9hg7HrIY3bjNwdfxeugKFSzNd16UYaj9dgT7:EPHaaUMeZ+veDMONd16UYaj9d

Score

N/A

Malware Config

Signatures

Files

80de4b8695b42854e63ec2e1834510c86881510cce5d11b02a563aa077dbfba7
.dll windows x86

26ef0f5ade7b1dada19878d21646e2e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
lstrcpyA
DeleteCriticalSection
InitializeCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
Sleep
InterlockedDecrement
InterlockedIncrement
lstrcmpA
GetCurrentProcess
SetHandleCount
FlushFileBuffers
SetStdHandle
CloseHandle
SetFilePointer
GetStringTypeA
LCMapStringW
GetStringTypeW
VirtualAlloc
GetLastError
LCMapStringA
OutputDebugStringA
HeapFree
HeapAlloc
WriteFile
DebugBreak
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
MultiByteToWideChar
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
GetACP
IsBadReadPtr
GetCommandLineA
GetVersion
GetModuleHandleA
ExitProcess
TerminateProcess
GetCPInfo
GetOEMCP
GetStdHandle
GetFileType
GetStartupInfoA
IsBadWritePtr
HeapValidate

ltkrn13n

ord264
ord263
ord174
ord220
ord284
ord101
ord179
ord134
ord116
ord163
ord285
ord169
ord125
ord137
ord129
ord100
ord221
ord249
ord109
ord141
ord188
ord248
ord189
ord192
ord162
ord190
ord283
ord191
ord282

Exports

Exports

DllMain
fltComment
fltCompressBuffer
fltDeletePage
fltEndCompressBuffer
fltGetExtension
fltGetStamp
fltGetTag
fltInfo
fltLoad
fltLoadBuffer
fltSave
fltSaveBuffer
fltSetComment
fltSetStamp
fltSetTag
fltStartCompressBuffer
fltTransform

Sections

.text
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26ef0f5ade7b1dada19878d21646e2e0

Headers

File Characteristics

Imports

kernel32

ltkrn13n

Exports

Exports

Sections

.text Size: 275KB - Virtual size: 275KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 92KB - Virtual size: 97KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 275KB - Virtual size: 275KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 92KB - Virtual size: 97KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB