aa02a28ab8281be8d39f34ad0d8d934361d0f4110311f5d2406307a47b8212e4

Sharing

Copy URL Twitter E-mail

General

Target

aa02a28ab8281be8d39f34ad0d8d934361d0f4110311f5d2406307a47b8212e4
Size

65KB
MD5

99893c658dbc2b4261a1bc45394c45cb
SHA1

737ada4a062fa5c2629443f062547597946cc815
SHA256

aa02a28ab8281be8d39f34ad0d8d934361d0f4110311f5d2406307a47b8212e4
SHA512

9bb45487d69f19b05b41bfdb210a177dca7d5b5a1e10c38abbd1eded846272421611cd1ba24c3b319149edad7d0be5234957268b6ca8de496e7574bfd5cc08d8
SSDEEP

1536:4fqCrETmvfyIqRoIzs/db9TMkGtpzV7ejT4Iz4:RCEH69T6tDejT4Is

Score

N/A

Malware Config

Signatures

Files

aa02a28ab8281be8d39f34ad0d8d934361d0f4110311f5d2406307a47b8212e4
.dll windows x86

8e002f45a1ee9ae68c2e3ae175b1ddd6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
ReleaseSemaphore
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetUnhandledExceptionFilter
CloseHandle
GetProcessId
VirtualQueryEx
CreateFileW
GetCurrentProcess
InterlockedDecrement
DeleteCriticalSection
RtlCaptureContext
GetProcAddress
LoadLibraryW
CreateThread
CreateSemaphoreW
InitializeCriticalSection
InterlockedIncrement
WaitNamedPipeW
GetLastError
WaitForMultipleObjects
SetEvent
ResetEvent
WriteFile
TransactNamedPipe
GetCurrentProcessId
SetNamedPipeHandleState
Sleep
DecodePointer
GetCommandLineA
RaiseException
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
EncodePointer
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetModuleHandleW
ExitProcess
IsProcessorFeaturePresent
HeapFree
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameW
HeapReAlloc
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringW
GetStringTypeW
FlushFileBuffers
SetStdHandle
WriteConsoleW

Exports

Exports

Start

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e002f45a1ee9ae68c2e3ae175b1ddd6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1024B - Virtual size: 848B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 848B

.reloc
Size: 6KB - Virtual size: 5KB