4abb874bb9c7d211c201207cf77df4076cca1854c455d9ae29d1e7c0d107ef07

Sharing

Copy URL Twitter E-mail

General

Target

4abb874bb9c7d211c201207cf77df4076cca1854c455d9ae29d1e7c0d107ef07
Size

9.0MB
MD5

a20d12234c61361895e904b769e90820
SHA1

3ba97ab0208b97132dfdc685f6435c5c593f9e50
SHA256

4abb874bb9c7d211c201207cf77df4076cca1854c455d9ae29d1e7c0d107ef07
SHA512

2a22b4d424f42f5fc01b8af0c87566b0923d2def45021b94a30e3a0589959c0687f58c897b02e4a574d8fad7842cf209aa3c1f3c85974be3eef1bae2a04225ff
SSDEEP

196608:duLJ09eQRguuXHgrk8awUBo9NH8Lou7059vf8iuL:oLZQRPuXHgrk9wUBorc8u7059vUis

Score

N/A

Malware Config

Signatures

Files

4abb874bb9c7d211c201207cf77df4076cca1854c455d9ae29d1e7c0d107ef07
.dll windows x86

86fe360dbaf772637e9a4909d1c60ccb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
FindResourceExW
FindResourceW
LoadResource
CreateDirectoryW
GetModuleHandleW
WriteFile
SizeofResource
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
GetTempPathW
RaiseException
GetLongPathNameW
FindClose
LockResource
RemoveDirectoryW
FindNextFileW
CloseHandle
DeleteFileW
EnterCriticalSection
LeaveCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
DecodePointer
GetCommandLineA
EncodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetProcAddress
HeapCreate
GetStringTypeW
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
LCMapStringW
RtlUnwind
LoadLibraryW

shlwapi

PathFileExistsW

Exports

Exports

DeleteRootResFile
ReleaseRootRes

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86fe360dbaf772637e9a4909d1c60ccb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 8.9MB - Virtual size: 8.9MB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 8.9MB - Virtual size: 8.9MB

.reloc
Size: 28KB - Virtual size: 27KB