dc5dc3f9f42f204441085fde65182f4586b643e6a62dacdfbe52845e91aea82c

Sharing

Copy URL

Twitter E-mail

General

Target

dc5dc3f9f42f204441085fde65182f4586b643e6a62dacdfbe52845e91aea82c
Size

331KB
MD5

d4b41d92f6185128afe037e4521a3372
SHA1

ef1a158d507058cdaa8a8492e76d45ef2cda43c1
SHA256

dc5dc3f9f42f204441085fde65182f4586b643e6a62dacdfbe52845e91aea82c
SHA512

2f875f909fa6552110dc8228caef64c699cb0cfb4b61d24bd8ff875b4fb64e61d8bef540cc5ccc771224cd87952a51eb3a17494c7c03bb4989a3aa54e5e7f326
SSDEEP

6144:Z0QBvU4zl+08NNGPpHlMu2MoiHAZrgNLm//t7FHecXcxaANvVJUfUcIYo:DBU4zl78OpHlMu2gArymhHaNNvV4UL

Score

N/A

Malware Config

Signatures

Files

dc5dc3f9f42f204441085fde65182f4586b643e6a62dacdfbe52845e91aea82c
.dll windows x86

90f43432f114d6a717999254d8654718

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingW
GetPrivateProfileSectionA
DisconnectNamedPipe
EndUpdateResourceA
GetCommState
GetModuleHandleA
GlobalFlags
WriteFile
FindNextVolumeW
FileTimeToLocalFileTime
GetExitCodeThread
GetDevicePowerState
FreeEnvironmentStringsW
GetProfileIntW
Process32First
GetProcessHeap
GetPrivateProfileStringW
IsValidLanguageGroup
_lwrite
SetFileAttributesA
FormatMessageW
SizeofResource
WaitCommEvent
GetPrivateProfileStringA
ExpandEnvironmentStringsW
GlobalSize
GetLogicalDrives
GetCurrentDirectoryA
IsDBCSLeadByteEx
GetStringTypeExA
GetProcessPriorityBoost
FreeLibrary
DefineDosDeviceA

rpcrt4

MesInqProcEncodingId
NdrEncapsulatedUnionUnmarshall
NdrConformantVaryingStructMemorySize
NdrConformantStructFree
IUnknown_Release_Proxy
NdrConformantArrayMemorySize
RpcMgmtStatsVectorFree
RpcCertGeneratePrincipalNameW
NdrRangeUnmarshall
I_RpcBindingInqWireIdForSnego
NdrMesTypeFree2
NdrConformantStringMemorySize
RpcMgmtInqComTimeout
I_RpcTransServerNewConnection
NdrServerMarshall
I_RpcConnectionInqSockBuffSize
NdrGetBuffer
I_RpcClearMutex
RpcStringFreeW
NdrVaryingArrayFree
NdrPointerMarshall
RpcMgmtEpUnregister
NdrServerUnmarshall
RpcSsGetThreadHandle
I_RpcFree
NdrRpcSmSetClientToOsf
NdrComplexArrayUnmarshall
I_RpcBindingInqDynamicEndpointW
RpcMgmtInqStats
NdrXmitOrRepAsBufferSize
NdrRpcSsEnableAllocate

Exports

Exports

CPlApplet

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90f43432f114d6a717999254d8654718

Headers

File Characteristics

Imports

kernel32

rpcrt4

Exports

Exports

Sections

.text Size: 228KB - Virtual size: 227KB

.xdata Size: 14KB - Virtual size: 14KB

.data Size: 56KB - Virtual size: 435KB

.rdata Size: 10KB - Virtual size: 10KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 6KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.text
Size: 228KB - Virtual size: 227KB

.xdata
Size: 14KB - Virtual size: 14KB

.data
Size: 56KB - Virtual size: 435KB

.rdata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 6KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB