ea812fc376f75e819ad8d9161f7d1e329a010efdd5c7a4fc731e1977a5d092e7

Sharing

Copy URL Twitter E-mail

General

Target

ea812fc376f75e819ad8d9161f7d1e329a010efdd5c7a4fc731e1977a5d092e7
Size

164KB
MD5

408b4c942a28bc94cd0871d46661eab0
SHA1

04381b120743ae832a3871f9f7ca64631cfdbb97
SHA256

ea812fc376f75e819ad8d9161f7d1e329a010efdd5c7a4fc731e1977a5d092e7
SHA512

a72830e288ac41b3b3dcc19a22f12eac5d85eeca61cc8c11b0141a838e86fb188ce26d7f0e8a0cd3b3e4379d6cd7af184f025cac4d6a80b3b8f49907d945628c
SSDEEP

3072:mmt6c76afJ0FpHgig2uo8R5F2OjhoRQ9NTfOTUpvi71jhSjJJA3OwcOaE88PgP/8:mmcc76af+lT8IOjhX9NKemJhyJJBwcwd

Score

N/A

Malware Config

Signatures

Files

ea812fc376f75e819ad8d9161f7d1e329a010efdd5c7a4fc731e1977a5d092e7
.dll windows x86

4bf7e2de284335d21aab0f1fa73e99a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
GetCurrentThreadId
CloseHandle
CreateThread
WaitForSingleObject
SetEvent
EnterCriticalSection
ResetEvent
DeleteCriticalSection
ReleaseMutex
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
Sleep
GetTickCount
DisableThreadLibraryCalls
IsDebuggerPresent
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GetCurrentProcessId

ole32

CoUninitialize
CoCreateInstance
CoInitialize

msvcp80

??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z

msvcr80

??3@YAXPAX@Z
memmove_s
??2@YAPAXI@Z
malloc
wprintf
free
realloc
_unlock
__dllonexit
_encode_pointer
_lock
??0exception@std@@QAE@ABV01@@Z
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
_invalid_parameter_noinfo
?what@exception@std@@UBEPBDXZ
_onexit
__CxxFrameHandler3
_CxxThrowException
memset
_purecall
memcpy

Exports

Exports

_getPlugin

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4bf7e2de284335d21aab0f1fa73e99a0

Headers

File Characteristics

Imports

kernel32

ole32

msvcp80

msvcr80

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 112KB - Virtual size: 112KB