c24788761801ff1e1a78dc189e83a2c29f21cd6587f5620d8accd508b58d931e

Sharing

Copy URL Twitter E-mail

General

Target

c24788761801ff1e1a78dc189e83a2c29f21cd6587f5620d8accd508b58d931e
Size

196KB
MD5

7bb549129c5f416d28c44273f83ffbce
SHA1

524b280b785b6b8060d5cd5c2df166cbc30fe828
SHA256

c24788761801ff1e1a78dc189e83a2c29f21cd6587f5620d8accd508b58d931e
SHA512

53b9020c3d8bf00beef0989d9effec04d6994d7bab848f8a710ee1dfb9ee67ee63526cb5036d55c84a7f16a9cd383b7db2d31a74e65b929292f02dfd571cb35c
SSDEEP

3072:lNG+07z5rycNUAnlGY/0iWnoalkO5adaTBOW7lj5hney+Jsh/hh+ff8E:J0v5UAnlTn0X0ATBOW7Z5kJsh/

Score

N/A

Malware Config

Signatures

Files

c24788761801ff1e1a78dc189e83a2c29f21cd6587f5620d8accd508b58d931e
.dll windows x86

31f2071d002b58234a6045a732cd9146

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

hpltkrn14nu

ord273
ord188
ord189
ord196
ord284
ord283
ord282
ord324
ord125
ord126
ord112
ord221
ord272
ord285
ord271
ord191
ord192
ord190

kernel32

CloseHandle
WriteFile
GetTempFileNameA
GetTempPathA
DeleteFileA
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
GlobalHandle
CompareStringA
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
InterlockedExchange
SetLastError
FreeLibrary
GetWindowsDirectoryA
LoadLibraryA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetSystemTimeAsFileTime

gdi32

CreatePalette
DeleteObject

msvcr80

memset
memmove
floor
__CxxFrameHandler3
??3@YAXPAX@Z
??2@YAPAXI@Z
realloc
ceil
_purecall
fseek
ftell
fread
isspace
islower
tolower
isupper
fclose
fopen
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
sprintf
strncpy
strtok
strncmp
memcpy
free
malloc
toupper
atof
isdigit
atoi
modf

Exports

Exports

DllMain
fltDeletePage
fltInfo
fltLoad
fltSave

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31f2071d002b58234a6045a732cd9146

Headers

File Characteristics

Imports

hpltkrn14nu

kernel32

gdi32

msvcr80

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 56KB - Virtual size: 55KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 56KB - Virtual size: 55KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB