c28b868aef1f2c60ed6514a31b33298046eb863ee8556efb04bf65da612ff71a

General

Target

c28b868aef1f2c60ed6514a31b33298046eb863ee8556efb04bf65da612ff71a
Size

116KB
MD5

3c5be5faf1ec14982de7d33a9a6f7070
SHA1

ad2fa84b511ae1995b39bf4089877ceec9f765be
SHA256

c28b868aef1f2c60ed6514a31b33298046eb863ee8556efb04bf65da612ff71a
SHA512

026d83d2ca920f9909b9b8d8e47a06458555c09f5a5558a5ebb1f49adae553b9cc97ba4e57ed97887746834886f138bfa154cccf45446bf739e4c50fd4340fee
SSDEEP

3072:QeTgXCtr7FqgmGs5dcaZu+cYb8bp8iRW+OP:QeTftmGOaancYbA8EWz

Score

N/A

Malware Config

Signatures

Files

c28b868aef1f2c60ed6514a31b33298046eb863ee8556efb04bf65da612ff71a
.dll windows x86

f879079ea9b43be9b48bb86e2476bcb9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

_vsnprintf
_ismbcspace
memmove
atol
strncpy
strtok
_strnicmp
strchr
realloc
isdigit
_findfirst
_findnext
_findclose
??3@YAXPAX@Z
_initterm
_adjust_fdiv
__dllonexit
_onexit
free
malloc
sprintf
rename
_splitpath
strrchr
_purecall
fread
??2@YAPAXI@Z
fclose
strstr
ftell
_fsopen
fseek
strncmp
_stricmp
_strlwr
_strcmpi
_unlink
_fstat
_mkdir
_stat
_fileno

kernel32

DisableThreadLibraryCalls
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
FreeLibrary
LoadLibraryA
lstrcpyA

user32

CharNextA
CharUpperA
GetSystemMetrics

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

winmm

timeKillEvent
timeSetEvent

Exports

Exports

CanUnload
RMACreateInstance
RMAShutdown
TFileSys_GetLastError

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f879079ea9b43be9b48bb86e2476bcb9

Headers

File Characteristics

Imports

pncrt

kernel32

user32

advapi32

winmm

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 4KB - Virtual size: 1KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 4KB - Virtual size: 1KB

.rmnet
Size: 60KB - Virtual size: 60KB