c8a7e09cf42ad31d88a80f68428527acf2a9fb5ba59d3aff11707f719fd3a0a2

Sharing

Copy URL Twitter E-mail

General

Target

c8a7e09cf42ad31d88a80f68428527acf2a9fb5ba59d3aff11707f719fd3a0a2
Size

144KB
MD5

0fdc2a47d6999fb9ec0aceccbb643f58
SHA1

d04a3b4000ecc1384db8e4a67aeecb05d4f841cf
SHA256

c8a7e09cf42ad31d88a80f68428527acf2a9fb5ba59d3aff11707f719fd3a0a2
SHA512

eb533b8e10893714445ce6174df2577bebc8ec0867a33490744d1b72be3bf5cd29de39c78eb1ccba5a17b29974992415c2d83d37b91a2bf450a59dff0f139069
SSDEEP

3072:2w+oZJDXSkmpViydCPSsl/AtdiNeopeK79uOs3B54ZydAi:p+oGkQNdCqsl/QqZQN3T4Zm

Score

N/A

Malware Config

Signatures

Files

c8a7e09cf42ad31d88a80f68428527acf2a9fb5ba59d3aff11707f719fd3a0a2
.dll windows x86

577a6d17ec19c607d9437282bd778091

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegOpenKeyW
ChangeServiceConfig2A
LookupPrivilegeValueA
RegEnumValueW
CloseServiceHandle
RegQueryInfoKeyA

version

GetFileVersionInfoA
VerQueryValueW

kernel32

RtlUnwind
GetStringTypeW
GetStringTypeA
GetProcAddress
IsValidLocale
GetHandleInformation
GetModuleHandleA
LoadLibraryA
VirtualAlloc
GetLastError
GetCurrentDirectoryW
QueryPerformanceCounter
GetLocaleInfoW
ReleaseMutex
lstrlenW
IsBadReadPtr
WideCharToMultiByte
CreateFileMappingW
CreateProcessA
SetThreadPriority
GlobalAlloc
LCMapStringA
GetTimeFormatA
GetShortPathNameW
GetCurrentThread
UnmapViewOfFile
IsBadStringPtrW
LoadLibraryExW
VirtualQuery
FreeLibrary
CreateDirectoryA
SearchPathW
GetVersionExW
LoadResource
WriteFile
LeaveCriticalSection
GetTempFileNameA
lstrcmpiW
CompareStringA
GetSystemInfo
GetModuleFileNameA
ExitProcess
GetSystemTime
HeapAlloc
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
FatalAppExitA
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
MultiByteToWideChar
LCMapStringW

Exports

Exports

Nlksyz

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

577a6d17ec19c607d9437282bd778091

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 55KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 55KB

.reloc
Size: 12KB - Virtual size: 9KB