8338ebafc6041bcc611c117eec50e33f5f11137f915f3d5859fe50aa95a02af8

Sharing

Copy URL Twitter E-mail

General

Target

8338ebafc6041bcc611c117eec50e33f5f11137f915f3d5859fe50aa95a02af8
Size

552KB
MD5

cbe1555650fcc451c1522215855858f3
SHA1

a987ffa36b042968ccd3751e84999719f3678391
SHA256

8338ebafc6041bcc611c117eec50e33f5f11137f915f3d5859fe50aa95a02af8
SHA512

e7ae8028b8b213082fdf258d12dc922c41e3a8a2c0981bc152f8650e1aef4f089667e668aba630488a0e31cef0a32b85f00b7b889fefcf182a975819a0a72a81
SSDEEP

12288:eY4h/7O5yRWYBkkH97tLh2XwlSP1IantMD:RERLT8XYg1IantMD

Score

N/A

Malware Config

Signatures

Files

8338ebafc6041bcc611c117eec50e33f5f11137f915f3d5859fe50aa95a02af8
.dll windows x86

aba4d5dfe3d062ee8204341876e1cfb6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

user32

CharNextW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
PropVariantClear

oleaut32

VarUI4FromStr
UnRegisterTypeLi
SysStringLen
SysFreeString
SysAllocString
RegisterTypeLi
LoadTypeLi

kernel32

lstrlenW
lstrcmpiW
WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
TerminateProcess
Sleep
SizeofResource
SetThreadLocale
SetStdHandle
CloseHandle
CreateFileA
EnterCriticalSection
ExitProcess
FindResourceW
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentThreadId
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadResource
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
RtlUnwind
SetEvent
SetFilePointer
SetHandleCount
SetLastError

Exports

Exports

GC_Del
Keys
Number_FloorDivide
Parse
_flagmask

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aba4d5dfe3d062ee8204341876e1cfb6

Headers

File Characteristics

Imports

advapi32

user32

ole32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 292KB - Virtual size: 292KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 292KB - Virtual size: 292KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 9KB - Virtual size: 8KB