c19ff81e1bcd7699db271d909b80f4d673cbb53b043d8b15415ec29a798ae828

Sharing

Copy URL Twitter E-mail

General

Target

c19ff81e1bcd7699db271d909b80f4d673cbb53b043d8b15415ec29a798ae828
Size

247KB
MD5

2f0c998272738d675e5a28b53ef9c23a
SHA1

76ef56555feb697ad55fe47c79bbfaa8c2fcdfd6
SHA256

c19ff81e1bcd7699db271d909b80f4d673cbb53b043d8b15415ec29a798ae828
SHA512

92ac8b28e95821f41fbcc3dc74e6447aeedc2de9868742dfc9294d2626e37fb6c9ed34d6ceed3a1c81247bbb75b13cc480c07532ad6cfdd3d9b9d9798d358874
SSDEEP

6144:T1AhRGVbE+PcoO23xP/FeZjkatz/513WU:T1AhClMr

Score

N/A

Malware Config

Signatures

Files

c19ff81e1bcd7699db271d909b80f4d673cbb53b043d8b15415ec29a798ae828
.dll windows x86

6e1c351ea6bf5c1bbe1a353584914ca0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord924
ord860
ord2915
ord5572
ord922
ord858
ord535
ord4202
ord543
ord803
ord6394
ord5450
ord6383
ord5440
ord940
ord3584
ord536
ord939
ord540
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord4274
ord815
ord561
ord825
ord1247
ord823
ord798
ord1997
ord2808
ord6407
ord5194
ord533
ord537
ord800
ord1979
ord665
ord5186
ord3663
ord354

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
_CxxThrowException
memmove
memset
rand
asctime
calloc
localtime
strcmp
srand
time
strcat
memcpy
realloc
strlen
sprintf
malloc
free
__CxxFrameHandler

kernel32

GetSystemInfo
GlobalMemoryStatus
GetLocaleInfoA
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
CreateThread
CreateFileA
LoadLibraryA
GetTickCount
SetUnhandledExceptionFilter
GetSystemDirectoryA
Sleep
ReadProcessMemory
GetCurrentProcess
LoadResource
GetCurrentThreadId
FindResourceA
VirtualQuery
VirtualProtect
VirtualAlloc
VirtualFree
lstrlenA
EnterCriticalSection
FreeLibrary
LoadLibraryExA
GetFileSize
ReadFile
SetLastError
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetLastError
IsBadReadPtr
IsBadCodePtr
CreateToolhelp32Snapshot
Module32First
lstrcpynA
Module32Next
CloseHandle
lstrcmpA
SizeofResource
GetProcAddress

user32

TranslateMessage
GetMessageA
SetTimer
wsprintfA
DispatchMessageA
KillTimer

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA

shlwapi

PathFileExistsA

Exports

Exports

GetModuleId
ke_GetFirstObj
ke_GetModuleVersion
ke_GetNextObj
ke_IsModuleExists
ke_ModuleAvailable
ke_NotifyEvent
ke_Rand
ke_RegisterAndLoadNewModule
ke_RestartProcess
ke_TerminateKernel
ke_UnloadModuleRequest
ke_free
ke_malloc

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e1c351ea6bf5c1bbe1a353584914ca0

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.text1 Size: 4KB - Virtual size: 1KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 540B

.data1 Size: 8KB - Virtual size: 4KB

.rsrc Size: 184KB - Virtual size: 181KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 23KB

.text1
Size: 4KB - Virtual size: 1KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 540B

.data1
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 184KB - Virtual size: 181KB

.reloc
Size: 8KB - Virtual size: 4KB