05d65dc5fb1286878566e4d7db877769a7cc80220ce494dac5eeafdaa7be2a4d

Sharing

Copy URL

Twitter E-mail

General

Target

05d65dc5fb1286878566e4d7db877769a7cc80220ce494dac5eeafdaa7be2a4d
Size

184KB
MD5

08a1188b9560b7b7d169832287a8da29
SHA1

a4c01769416ef05e8b97e228fd290f265a9a6200
SHA256

05d65dc5fb1286878566e4d7db877769a7cc80220ce494dac5eeafdaa7be2a4d
SHA512

3493df02065941a6db46a49237ddb222edfef15e9413037a16e09c0b2a612503199c09cdd0cb0b0047b43af62f7af81b2f50fa6cd84f08efb76ca92a84745ea1
SSDEEP

3072:LAg0FulWG16udnS3PMUTUtjL4cpZviBUiGrkgEdrMz:LAOV1BnSvTgjLZEifMr

Score

N/A

Malware Config

Signatures

Files

05d65dc5fb1286878566e4d7db877769a7cc80220ce494dac5eeafdaa7be2a4d
.dll windows x86

2b337d006adbf5230635c3ae54830cb9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
lstrcpynA
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleFileNameA
CloseHandle
WriteFile
LoadLibraryA
lstrlenA
FlushFileBuffers
SetStdHandle
SetFilePointer
VirtualQuery
GetSystemInfo
VirtualProtect
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
GetOEMCP
HeapSize
IsBadWritePtr
VirtualAlloc
SetUnhandledExceptionFilter
GetCurrentProcessId
DeleteCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsAlloc
GetProcAddress
GetCurrentThreadId
TlsSetValue
GetCommandLineA
ExitProcess
RaiseException
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsFree
SetLastError
TlsGetValue

user32

LoadStringA
WinHelpA
CharNextA

oleaut32

SysFreeString
VarUI4FromStr
SysAllocStringLen
LoadRegTypeLi
LoadTypeLi
SysStringLen
SetErrorInfo
CreateErrorInfo
SysAllocString

advapi32

RegCreateKeyExA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
StringFromCLSID
CoTaskMemAlloc

shell32

ShellExecuteA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
GetClassID

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b337d006adbf5230635c3ae54830cb9

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

advapi32

ole32

shell32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 91KB

.data Size: 72KB - Virtual size: 78KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 92KB - Virtual size: 91KB

.data
Size: 72KB - Virtual size: 78KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 9KB