1dd80fb44bfe16de6b5d9af4bbdccce3e2bf30d74aec202b1bd9f59979cb04dd

Sharing

Copy URL Twitter E-mail

General

Target

1dd80fb44bfe16de6b5d9af4bbdccce3e2bf30d74aec202b1bd9f59979cb04dd
Size

461KB
MD5

2091aeec89b7a1e3ef97b5520c0e297d
SHA1

affcbe4dbac4b11944e70cd0ce1ea86e1b9c6ec4
SHA256

1dd80fb44bfe16de6b5d9af4bbdccce3e2bf30d74aec202b1bd9f59979cb04dd
SHA512

3c4c6859d38d51767489eece644799183663b1efea397dad31b5f7c44246c3a8b04ff886cde99f4cb44b6920ae5cbe51d9ca8705e8f48ab6e41f13690727a03a
SSDEEP

6144:5IfM3vGut5wKauTzwXhiCwrAXJczJ64TqvvCDeaTyfBKmFdBzeUHdy72e2evMzjQ:pVoawX8CwrpzJexjKMe+PGUzjK8oROs

Score

N/A

Malware Config

Signatures

Files

1dd80fb44bfe16de6b5d9af4bbdccce3e2bf30d74aec202b1bd9f59979cb04dd
.dll windows x86

82c732fa1f4d45b038b1a0657b3c54d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

user32

TranslateMessage
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
FindWindowA
GetMessageA
IsWindow
PostQuitMessage
RegisterClassA
UpdateWindow
UnregisterDeviceNotification
SendMessageA
RegisterDeviceNotificationA

msvcrt

_chmod
_fdopen
_fstat
_getcwd
_stat
_strdup
_umask
_unlink
sprintf

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

gdi32

GetStockObject

kernel32

VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
Sleep
SetHandleCount
RtlUnwind
ReleaseMutex
ProcessIdToSessionId
MultiByteToWideChar
LoadLibraryA
LeaveCriticalSection
WideCharToMultiByte
LCMapStringA
InitializeCriticalSection
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExA
GetVersion
GetTickCount
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessPriorityBoost
GetProcAddress
WriteFile
LCMapStringW
CloseHandle
CreateFileA
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP

Exports

Exports

AddPyObject
AsString
Number_Remainder
ReferenceError
SetAttrString
get_compression_buffer_size
set_sig_bytes
write_image
write_init

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82c732fa1f4d45b038b1a0657b3c54d6

Headers

File Characteristics

Imports

advapi32

user32

msvcrt

setupapi

gdi32

kernel32

Exports

Exports

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 219KB - Virtual size: 218KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 219KB - Virtual size: 218KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 4KB - Virtual size: 4KB