315549659fbc02dd0dbda10673f2947bee7715896cc90d5ff1b06c3957170e8c

General

Target

315549659fbc02dd0dbda10673f2947bee7715896cc90d5ff1b06c3957170e8c
Size

369KB
MD5

2e17ac17493e9c7ebca5e2034ef2b978
SHA1

29cc3c1cb9986a495cbdfa785ee019d3c49dc088
SHA256

315549659fbc02dd0dbda10673f2947bee7715896cc90d5ff1b06c3957170e8c
SHA512

aca0ccafa7c5a809ddf577a5a8f97366446e97820685b5183688dca8ce01b2b10eaf341aa5e596c66880a206f93fcf2fe4266aa847c2e11ab6763c0cfb4448d5
SSDEEP

6144:rQRbIZHYQoaju8p36yiQcnCQT7yrrEqjgTW9yKyyLkeDq6xxgT7VcOvcNn:r4bIZHYQoaju8p36yiQHrEqj59Byy/DT

Score

N/A

Malware Config

Signatures

Files

315549659fbc02dd0dbda10673f2947bee7715896cc90d5ff1b06c3957170e8c
.dll windows x86

bb03842f9ae8921c3af41df81fe698ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
lstrcpyA
lstrcmpA
TlsSetValue
TlsAlloc
TlsFree
GetOEMCP
FreeEnvironmentStringsA
SetFilePointer
SetStdHandle
GetLocaleInfoW
CloseHandle
FlushFileBuffers
GetLocaleInfoA
VirtualAlloc
GetStringTypeW
LoadLibraryA
RtlUnwind
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
SetLastError
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
GetCPInfo
GetACP
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LCMapStringW
GetStringTypeA
HeapFree
LCMapStringA

ltkrn10n

ord175
ord116
ord183
ord163
ord162
ord169
ord194
ord189
ord109
ord192
ord101
ord188
ord134
ord125
ord100
ord141
ord174
ord129
ord137
ord179
ord190
ord191

Exports

Exports

DllMain
fltComment
fltCompressBuffer
fltDeletePage
fltEndCompressBuffer
fltGetStamp
fltGetTag
fltInfo
fltLoad
fltLoadJPEG
fltSave
fltSaveJPEG
fltStartCompressBuffer

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 155KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb03842f9ae8921c3af41df81fe698ed

Headers

File Characteristics

Imports

kernel32

ltkrn10n

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 196KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 155KB - Virtual size: 200KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 196KB - Virtual size: 196KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 155KB - Virtual size: 200KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB