9ebfe06df0467096e75e8a39ee6d6b0b7db1dca68885da79973ce4076a80449b

Sharing

Copy URL Twitter E-mail

General

Target

9ebfe06df0467096e75e8a39ee6d6b0b7db1dca68885da79973ce4076a80449b
Size

64KB
MD5

325127aae997488b2ac3bb8368defa26
SHA1

e0291bed00e8fa6ce35698b5dd769953d6347aaf
SHA256

9ebfe06df0467096e75e8a39ee6d6b0b7db1dca68885da79973ce4076a80449b
SHA512

4807451ff4a226a0e8e0eef0af282db95b934967ad570bc19edd8ff3278e9539b0ef1fe8096ae6cedbbc1a1316aa7d2e64864d36edc9122be0735fdb5d4af025
SSDEEP

768:v+oaM6ffnSb7d8SmMVbrIIYcuLSXy74w9AcvI1g0Nn6xM6uzfT:mQ6fKt8UVb2LS9w9XIgi6a6uz

Score

N/A

Malware Config

Signatures

Files

9ebfe06df0467096e75e8a39ee6d6b0b7db1dca68885da79973ce4076a80449b
.dll windows x86

59372cfc4682f7d362df3997ded11aaf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
GetProcAddress
FreeLibrary
SetErrorMode
LoadLibraryA
DisableThreadLibraryCalls

msvcr71

?terminate@@YAXXZ
_except_handler3
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??1type_info@@UAE@XZ
strncpy
isupper
tolower
fclose
strncmp
atoi
fread
fopen
fgetpos
fsetpos
sprintf
memmove
_purecall
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??_U@YAPAXI@Z
__CxxFrameHandler
??2@YAPAXI@Z
??_V@YAXPAX@Z
??3@YAXPAX@Z
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_putenv
_stricmp
strchr

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59372cfc4682f7d362df3997ded11aaf

Headers

File Characteristics

Imports

kernel32

msvcr71

msvcp71

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 500B

.rsrc Size: 4KB - Virtual size: 760B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 500B

.rsrc
Size: 4KB - Virtual size: 760B

.reloc
Size: 4KB - Virtual size: 2KB