9fbc7b5bf0e44c87b99aba755716d4c361785f158f66fceda4404a0d231c3c53

Sharing

Copy URL

Twitter E-mail

General

Target

9fbc7b5bf0e44c87b99aba755716d4c361785f158f66fceda4404a0d231c3c53
Size

7.1MB
MD5

04cead1f2f103ba4cf6433ced110d895
SHA1

aeebfd1f6d69529b494795687aa23967ee1507ec
SHA256

9fbc7b5bf0e44c87b99aba755716d4c361785f158f66fceda4404a0d231c3c53
SHA512

cca2c3a51a86f4c348a0c560a88d00e6a2d565761d5abc130d564e9078ab5ac9574d57ef3670fe50c68eb29001df3879ff00231fe46ebb5cd2e7eb7f01d993a4
SSDEEP

98304:XBQOl7LheXLE8u0PEYhceUsVgxVo8UpC+vdGtMayPxyE6aejBnpbvtwmnZQ1L:RfevudyyVV+vd7ayxyE65VnFv2L

Score

N/A

Malware Config

Signatures

Files

9fbc7b5bf0e44c87b99aba755716d4c361785f158f66fceda4404a0d231c3c53
.dll windows x86

6024b1d7c090d98b50d4b7d41f429ee8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetCursorPos
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

comdlg32

GetSaveFileNameA

ole32

CoCreateGuid

oleaut32

SysAllocString

imm32

ImmReleaseContext

dbghelp

MiniDumpWriteDump

ws2_32

WSAAddressToStringW

advapi32

CryptEncrypt

crypt32

CertFreeCertificateContext

wldap32

ord60

normaliz

IdnToAscii

mswsock

AcceptEx

wtsapi32

WTSSendMessageW

Exports

Exports

_InvokeMagic@4
_MagicalFunction@4

Sections

.text
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 840KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

proto0
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

proto1
Size: 7.1MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6024b1d7c090d98b50d4b7d41f429ee8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

oleaut32

imm32

dbghelp

ws2_32

advapi32

crypt32

wldap32

normaliz

mswsock

wtsapi32

Exports

Exports

Sections

.text Size: - Virtual size: 2.4MB

.rdata Size: - Virtual size: 840KB

.data Size: - Virtual size: 204KB

proto0 Size: - Virtual size: 4.0MB

proto1 Size: 7.1MB - Virtual size: 7.1MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: - Virtual size: 2.4MB

.rdata
Size: - Virtual size: 840KB

.data
Size: - Virtual size: 204KB

proto0
Size: - Virtual size: 4.0MB

proto1
Size: 7.1MB - Virtual size: 7.1MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB