c11afc4b40a9af5aa1f5f491319979e5a84e6fb4167d917c3ba2604c9586e3a6

Sharing

Copy URL Twitter E-mail

General

Target

c11afc4b40a9af5aa1f5f491319979e5a84e6fb4167d917c3ba2604c9586e3a6
Size

389KB
MD5

fa2d8147409c8e4f240e653513c61b6e
SHA1

05f110dc9fd22d60e2917e91bd4e109b96a7eeed
SHA256

c11afc4b40a9af5aa1f5f491319979e5a84e6fb4167d917c3ba2604c9586e3a6
SHA512

cef4edd50c321d01148ac2b5c9d15dcc1bf89edd611bfdf6cc8c4dfdc5884622929bdaa9d8db2154c90068149396e2363509ce79b4399b4c06b4b93d9410a4b3
SSDEEP

6144:lWNz4FmbU59ozMH0cFu069YbIY6QMId9N4IG68PS2f:lazPQ59oW+WEY6wLN416CSQ

Score

N/A

Malware Config

Signatures

Files

c11afc4b40a9af5aa1f5f491319979e5a84e6fb4167d917c3ba2604c9586e3a6
.dll windows x86

e03dae8fb0e7b02acab764d422e494cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
GetCommandLineA
DeleteFileA
EnterCriticalSection
CloseHandle
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
CreateToolhelp32Snapshot
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
ExitProcess
GetStdHandle
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
InitializeCriticalSection
IsBadReadPtr
LeaveCriticalSection
LoadLibraryA
OpenProcess
Process32First
Process32Next
RaiseException
ReadFile
ReadProcessMemory
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile
WriteProcessMemory
GetStartupInfoA

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData

Sections

CODE
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 16KB - Virtual size: 17.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 254KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e03dae8fb0e7b02acab764d422e494cd

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 55KB - Virtual size: 56KB

DATA Size: 16KB - Virtual size: 17.7MB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 4KB

.debug Size: 254KB - Virtual size: 256KB

.rmnet Size: 56KB - Virtual size: 60KB

CODE
Size: 55KB - Virtual size: 56KB

DATA
Size: 16KB - Virtual size: 17.7MB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB

.debug
Size: 254KB - Virtual size: 256KB

.rmnet
Size: 56KB - Virtual size: 60KB