7ba77fba232acc29eaa6c99816ff42229adf90e2bee7aec12d8d485ec4cc23a4

Sharing

Copy URL Twitter E-mail

General

Target

7ba77fba232acc29eaa6c99816ff42229adf90e2bee7aec12d8d485ec4cc23a4
Size

75KB
MD5

a6f09b3e6c36a872c3fbfea01164994f
SHA1

5648d34ca88aece8fad74b530e90ad65704f15b4
SHA256

7ba77fba232acc29eaa6c99816ff42229adf90e2bee7aec12d8d485ec4cc23a4
SHA512

10304559b56eb39438d2bbe5fe01dff92d4cd50993d47a96891baae1a628f4c19429c5a3eb939f80e091856b3913afbdff5267ae230cc36aeb853a082aed0053
SSDEEP

1536:iCoSi0278z5mk1E7F3Z80vIbdjP9NVifCrbgCUH0L7:ijSi0t5Zi7BZ/vIhjP9NuKgCUW

Score

N/A

Malware Config

Signatures

Files

7ba77fba232acc29eaa6c99816ff42229adf90e2bee7aec12d8d485ec4cc23a4
.dll windows x86

2e923ddcac77a8012bc36e700c3216c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
SetStdHandle
FlushFileBuffers
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrcpyA
OutputDebugStringA
MulDiv
CopyFileA
DeleteFileA
LoadLibraryA
GetProcAddress
IsBadWritePtr
GetStartupInfoA
GetStringTypeA
LCMapStringW
LCMapStringA
VirtualAlloc
GetLastError
HeapFree
GetStringTypeW
IsBadReadPtr
FreeLibrary
HeapValidate
GetModuleFileNameA
DebugBreak
HeapAlloc
InterlockedDecrement
GetCommandLineA
GetVersion
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
InterlockedIncrement
HeapCreate
VirtualFree
WideCharToMultiByte
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
WriteFile
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings

user32

SetRect
GetDC
ReleaseDC

gdi32

CopyMetaFileA
DeleteEnhMetaFile
GetDeviceCaps
SetEnhMetaFileBits
SetMapMode
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetStretchBltMode
SelectPalette
RealizePalette
PlayEnhMetaFile
DeleteObject
CreatePalette
DeleteMetaFile
PlayMetaFile
SetMetaFileBitsEx
CopyEnhMetaFileA
GetEnhMetaFilePaletteEntries

ltkrn13n

ord120
ord192
ord123
ord134
ord189
ord188
ord100
ord129
ord141
ord191
ord190
ord282
ord283
ord196
ord125
ord117
ord101

Exports

Exports

DllMain
fltInfo
fltLoad
fltSave

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e923ddcac77a8012bc36e700c3216c0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ltkrn13n

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 11KB - Virtual size: 16KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 11KB - Virtual size: 16KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB