87370ea50e440d9a35c82dc984367a3040e564b533f954c78c7f2b283c80acac

Sharing

Copy URL Twitter E-mail

General

Target

87370ea50e440d9a35c82dc984367a3040e564b533f954c78c7f2b283c80acac
Size

84KB
MD5

ec89d3dc1352e460e65dfdae6325dd43
SHA1

e9551137d053e570640806f49403aad6b57d4927
SHA256

87370ea50e440d9a35c82dc984367a3040e564b533f954c78c7f2b283c80acac
SHA512

1b1452552ddab973db336f0b7d34e4c27a20023890153a24f1960d5e525ce2e94534bf00eddd82cbf77aad01230226f9e04aa59283e4aef98fc5d422ea98e217
SSDEEP

1536:+tUibPmDb44WO3D/ohvrXtMIa4IQTOjrA9Tbc/s:2UibP+ky/oBrXtMt3wOjUNYE

Score

N/A

Malware Config

Signatures

Files

87370ea50e440d9a35c82dc984367a3040e564b533f954c78c7f2b283c80acac
.dll windows x86

f5dbd3a96295d733b69f5abf096457c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
Sleep
CloseHandle
GetProcessHeap
GetModuleHandleA
CopyFileA
LoadLibraryA
lstrlenA
LocalFree
InitializeCriticalSectionAndSpinCount
HeapAlloc
LeaveCriticalSection
CreateProcessA
SetLastError
WriteFile
WaitForSingleObjectEx
GetFileAttributesExW
QueueUserWorkItem
FlushViewOfFile
GlobalMemoryStatus
InitializeCriticalSection
IsBadReadPtr
GetSystemWindowsDirectoryA
ExitProcess
VirtualQueryEx
HeapUnlock
CancelIo
GetProcessVersion
DeleteFileW
GetSystemTimeAdjustment
VerLanguageNameW
GetThreadLocale
CreateThread
CreateNamedPipeW
FindFirstChangeNotificationW
GlobalGetAtomNameA
LocalAlloc
GetFileInformationByHandle
ReplaceFileW
RtlMoveMemory
FindResourceExA
CompareStringA
VirtualUnlock
GetModuleHandleExW
UnregisterWait
lstrcatA
BackupRead
OpenFile
GetFileType
GetProfileSectionA
QueryPerformanceFrequency
ReadProcessMemory
SystemTimeToTzSpecificLocalTime
EscapeCommFunction
GetExitCodeProcess
IsBadStringPtrA
Beep
lstrcpyW
GetEnvironmentStrings
UnlockFile
DosDateTimeToFileTime
GetSystemDirectoryW
GetCommState
GetTempPathW
LockResource
SetHandleCount
GetDiskFreeSpaceW
ReadDirectoryChangesW
GetVersion
SetFileAttributesA
DeleteVolumeMountPointW
LCMapStringW
SetVolumeMountPointW
GetUserDefaultLCID
OpenMutexA
LocalUnlock
EnumResourceNamesA
EnumUILanguagesW
GetQueuedCompletionStatus
SetEndOfFile
LoadResource
IsWow64Process
SetCommState
IsBadHugeWritePtr
FindNextVolumeMountPointW
RtlUnwind
SetFilePointer
UpdateResourceA
GetVersionExA
GetDriveTypeW
SearchPathW
OpenFileMappingA

oleaut32

SysAllocString
SysStringByteLen
SysFreeString

Exports

Exports

compatEventlib

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5dbd3a96295d733b69f5abf096457c1

Headers

File Characteristics

Imports

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB