78b12309872269021e02e9ef2bf7141065d4a6aac4e1aeca370f236080965aea

Sharing

Copy URL Twitter E-mail

General

Target

78b12309872269021e02e9ef2bf7141065d4a6aac4e1aeca370f236080965aea
Size

160KB
MD5

f6815ff90570c77cff1aaaf4a7266f73
SHA1

83ce4d990f21c9bb4a567e27e5c5f8617b08f504
SHA256

78b12309872269021e02e9ef2bf7141065d4a6aac4e1aeca370f236080965aea
SHA512

e4141997b728dde98e44533c38c6658c9f51f9cefbd139c75502e6aa4aa5377de27852bbcb93f19272c29dfe36dad72397b07b95b9a44c9ad2edd7dbbba83219
SSDEEP

3072:fAAUaifeIhfljfwcdkd2rkCiswzkudo0h55aS9omcFLFZ:fAAUa2eIVxtkdyDirzbh55aocFx

Score

N/A

Malware Config

Signatures

Files

78b12309872269021e02e9ef2bf7141065d4a6aac4e1aeca370f236080965aea
.dll windows x86

f97878c410d4f892a0e0db0a53ae077f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
RegEnumKeyExW
RegSetValueExW
CloseServiceHandle
RegDeleteKeyA
RegDeleteValueW
RegCloseKey
EqualSid
RegDeleteValueA
GetTokenInformation
RegSetValueExA

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA

kernel32

RtlUnwind
GetStringTypeW
GetStringTypeA
IsValidLocale
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetHandleInformation
VirtualAlloc
LCMapStringW
RaiseException
ExpandEnvironmentStringsA
GetThreadLocale
EnumSystemLocalesA
GetFileTime
IsValidCodePage
MapViewOfFile
ExitThread
GetVersion
lstrcpyW
LoadResource
LCMapStringA
LoadLibraryW
GetCurrentProcessId
SetFilePointer
ExitProcess
GetCurrentDirectoryA
lstrcmpA
CompareStringA
FormatMessageA
CreateDirectoryW
CreateEventW
lstrlenW
FindResourceW
IsBadWritePtr
GetVersionExW
GetStartupInfoA
SizeofResource
GetProcessHeap
SetLastError
DeleteCriticalSection
GetTempFileNameA
SearchPathW
Sleep
HeapSize
SetCurrentDirectoryA
SuspendThread
GetCPInfo
WaitForSingleObject
InterlockedDecrement
SetEvent
InterlockedExchange
CopyFileA
lstrcatA
SetStdHandle
InterlockedIncrement
CreateFileMappingW
SetEnvironmentVariableA
WriteConsoleW
CreateProcessA
GetStdHandle
LeaveCriticalSection
LocalFree
CreateMutexW
GlobalFree
GetStartupInfoW
GlobalHandle
lstrcmpW
CreateThread
GetLocalTime
lstrcpyA
lstrcmpiA
GetSystemTime
HeapAlloc
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
EnterCriticalSection
FatalAppExitA
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetFileType
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetACP
GetOEMCP
FlushFileBuffers
SetEndOfFile
ReadFile
MultiByteToWideChar

Exports

Exports

LZCA

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f97878c410d4f892a0e0db0a53ae077f

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 52KB - Virtual size: 54KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 52KB - Virtual size: 54KB

.reloc
Size: 12KB - Virtual size: 11KB