c91e72978c024405c5803929f6547f2147be9accb7cc02630a05db14aec975c7

Sharing

Copy URL Twitter E-mail

General

Target

c91e72978c024405c5803929f6547f2147be9accb7cc02630a05db14aec975c7
Size

128KB
MD5

c915b4c4dfe80c4424debd732d5e765a
SHA1

e7ad493adef9eaad31bb8fa884c0f6120f805d22
SHA256

c91e72978c024405c5803929f6547f2147be9accb7cc02630a05db14aec975c7
SHA512

52d19fb4960f84ef8c068d2ed10869059632c05995be7158acce0e7cadc3a69ae1231b2e9b01398b2fa43a7f6506bc03464b6d33e0d344ee90707c0b65d4ecea
SSDEEP

3072:skENwyLv/ENXtvhG+KqP4+7N6gOOrOSIQ9bJg:skE286G87NxTScH

Score

N/A

Malware Config

Signatures

Files

c91e72978c024405c5803929f6547f2147be9accb7cc02630a05db14aec975c7
.dll windows x86

ab6e19c6f34be4606b0f14bbd5648880

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nnotes

ord2001
ord2141
ord2050
ord2066
ord2181
ord2177
ord391
ord2006
ord13
ord11

kernel32

HeapDestroy
HeapSize
GetLocaleInfoA
lstrlenA
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
VirtualFree
UnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

Foo
GetNotesNumberField
GetNotesStringField
NotesCloseDB
NotesFriendlyInit
NotesFriendlyTerm
NotesGetDBHandle
NotesGetNoteHandles
NotesIntfcGetNoteshNote
NotesReopenDB
SetNotesNumberField
SetNotesStringField

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab6e19c6f34be4606b0f14bbd5648880

Headers

File Characteristics

Imports

nnotes

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.rmnet Size: 64KB - Virtual size: 64KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 64KB - Virtual size: 64KB