1ff5b8fbb81db4b483e40bd6a0743d9a227bf2c5c80b2e519ec4d641bd213760

General

Target

1ff5b8fbb81db4b483e40bd6a0743d9a227bf2c5c80b2e519ec4d641bd213760
Size

84KB
MD5

d6acbbac1f824638e6580710941e1456
SHA1

c89a25b28a1ec1792f60372cf47a64f356cffd1b
SHA256

1ff5b8fbb81db4b483e40bd6a0743d9a227bf2c5c80b2e519ec4d641bd213760
SHA512

d7400558fc89dda915228bdaf9b65e9b98bc58a3c79b0449384f880333cae1753b4ea02ec9e926357be0f3e2db2632ac20004c217c834fdd8fe5f0f7ca8e51d6
SSDEEP

1536:pW6c1Z5I9Bbw9CFXzueovTq+fgNuG2PUXWCkXwbTXs5o6b6R6T9c8oXPXD:Xc17I9BbuIXzueovTq+fgIrUKpbmkq8w

Score

N/A

Malware Config

Signatures

Files

1ff5b8fbb81db4b483e40bd6a0743d9a227bf2c5c80b2e519ec4d641bd213760
.dll windows x86

4390116b7dc4f54942718ff92ea1872c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
CloseHandle
lstrcpyA
FindFirstFileA
FindNextFileA
FindClose
GetProcAddress
LoadLibraryA
FreeLibrary
GetModuleFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
GetLastError
GlobalFree
HeapFree
HeapAlloc
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
IsBadWritePtr
ReadFile
GetModuleHandleA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetStdHandle
FlushFileBuffers
SetFilePointer
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsBadCodePtr
CreateFileA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

DS_Entry
DllMain

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4390116b7dc4f54942718ff92ea1872c

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 768B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 768B

.reloc
Size: 8KB - Virtual size: 4KB