813edc88972bc0f1482709c30892e1676e7ffe71885d96522d1d0472f1ba05b0

Sharing

Copy URL Twitter E-mail

General

Target

813edc88972bc0f1482709c30892e1676e7ffe71885d96522d1d0472f1ba05b0
Size

148KB
MD5

b14fa0096d42ec2697f501c90741d250
SHA1

e2befaca2dabafc6cbd9b81493243f65134ae3d2
SHA256

813edc88972bc0f1482709c30892e1676e7ffe71885d96522d1d0472f1ba05b0
SHA512

91add0a4ea3802700390ee31ad4f3638b067774db86bda70391e7a7c69e1978a3cff22b3fa47bad716114a09aa3197e8cdffa8d0e677aca0f98f2be0a2d01707
SSDEEP

3072:khXvEllsaKIa7YH4FvNa5xp0mHI/qUvs9Dc4m7hNJjlUx6PWDAVFBAT:QXvEl7g7H94TwvScHhNJxI6ecVvG

Score

N/A

Malware Config

Signatures

Files

813edc88972bc0f1482709c30892e1676e7ffe71885d96522d1d0472f1ba05b0
.dll windows x86

f086ee2d8f9675776d83a2e68ecd8ce9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryInfoKeyA
AllocateAndInitializeSid
RegDeleteKeyW
RegCreateKeyW
RegEnumKeyExW
LockServiceDatabase
RegQueryValueExA

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW

kernel32

RtlUnwind
GetStringTypeW
LCMapStringW
MultiByteToWideChar
SetFilePointer
IsValidLocale
GetModuleHandleA
LoadLibraryA
GetHandleInformation
GetProcAddress
VirtualAlloc
GetLocalTime
GetTimeFormatA
HeapDestroy
GetFileSize
GetVersionExW
SystemTimeToFileTime
CreateProcessA
GetConsoleCP
GlobalFree
lstrlenA
HeapSize
SetThreadPriority
DeleteCriticalSection
FindResourceExW
VirtualFree
CloseHandle
SetLastError
CreateEventA
GetCurrentDirectoryA
SetErrorMode
HeapAlloc
GetStartupInfoW
GetStringTypeA
InterlockedIncrement
GetLocaleInfoA
ReadFile
LoadResource
WideCharToMultiByte
GetCurrentProcessId
GetTempFileNameA
UnmapViewOfFile
ResumeThread
IsBadStringPtrW
EnumSystemLocalesA
GetFileTime
GetLocaleInfoW
CreateDirectoryA
InterlockedDecrement
GetShortPathNameA
GlobalAlloc
HeapReAlloc
LoadLibraryExW
VirtualQuery
lstrcmpW
CreateFileW
LockResource
LCMapStringA
lstrcmpA
HeapCreate
CompareStringW
SizeofResource
FindResourceA
GetCurrentThreadId
lstrcpyA
WaitForSingleObject
lstrcmpiW
ExitProcess
GetSystemTime
GetCommandLineA
GetVersion
HeapFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
IsBadWritePtr
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
SetStdHandle
SetEndOfFile

Exports

Exports

JIHBT

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f086ee2d8f9675776d83a2e68ecd8ce9

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 52KB - Virtual size: 53KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 52KB - Virtual size: 53KB

.reloc
Size: 12KB - Virtual size: 9KB