b0909d5bc6454356b81d51ebb6e05c6ff86e6d6f131e58e9a7b57afc0446d529

Sharing

Copy URL Twitter E-mail

General

Target

b0909d5bc6454356b81d51ebb6e05c6ff86e6d6f131e58e9a7b57afc0446d529
Size

443KB
MD5

c686d6b75529629611e84bdfc0018eea
SHA1

161922e5c873bc5242df7a2538c839a32ee14462
SHA256

b0909d5bc6454356b81d51ebb6e05c6ff86e6d6f131e58e9a7b57afc0446d529
SHA512

508d89951b4dac5f6be8b4e1a6d907ac112b296012066a667e7ec8f62e9d347c31fb74e878a5553a7d7b1c8da6960d64c4d8728321b65b6319ba8b4b13ab2094
SSDEEP

12288:KaoYfCdhApp1YJB6l7rkklAtk+/Q5Dh/sHrHo:EWECb1BrrWtkVD4rHo

Score

N/A

Malware Config

Signatures

Files

b0909d5bc6454356b81d51ebb6e05c6ff86e6d6f131e58e9a7b57afc0446d529
.dll windows x86

3c4ec7d012fbd116f20a3c667868bea3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
RegQueryValueExA
RemoveTraceCallback
RegCloseKey

gdi32

CloseFigure
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectA
CreateFontIndirectW
DeleteDC
DeleteObject
ExtTextOutA
ExtTextOutW
GetFontLanguageInfo
GetGlyphOutlineA
GetObjectA
GetTextMetricsA
GetTextMetricsW
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextAlign

msvcrt

_isnan
_CIacos
tolower
qsort
memcpy
malloc
iswspace
iswpunct
iswprint
iswalpha
free
floor
_vsnprintf
_unlock
_stricmp
_j0
memmove
_initterm
_finite
_controlfp
_atoi64
_amsg_exit
__p__winver
__dllonexit
_XcptFilter
_Strftime
_CxxThrowException
_CIsqrt
_CIsin
_CIcos
_CIatan
_CIasin

ole32

CreateStreamOnHGlobal

kernel32

WriteTapemark
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualAlloc
UnhandledExceptionFilter
TryEnterCriticalSection
TerminateProcess
SizeofResource
SetThreadContext
RtlUnwind
ReleaseMutex
ReadFile
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
IsProcessorFeaturePresent
InterlockedIncrement
InterlockedExchange
InterlockedCompareExchange
GetVersion
GetTickCount
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessAffinityMask
GetModuleHandleA
GetModuleFileNameA
GetMailslotInfo
GetLastError
GetFullPathNameW
CloseHandle
CreateFileA
CreateMutexA
CreateThread
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FreeLibrary
GetCommProperties
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId

Exports

Exports

BuildLDAPPathFromADsPath
CreatePRTBuffer
GetWMFResolutionEx
SetLoadInfoCallback
StopFeedLoad

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c4ec7d012fbd116f20a3c667868bea3

Headers

File Characteristics

Imports

advapi32

gdi32

msvcrt

ole32

kernel32

Exports

Exports

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 221KB - Virtual size: 220KB

.data Size: 70KB - Virtual size: 71KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 221KB - Virtual size: 220KB

.data
Size: 70KB - Virtual size: 71KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 5KB - Virtual size: 5KB