8bda5970233136aa3dff9da6e102125d2a7acc8a3f9414374a35020e224fb235

Sharing

Copy URL Twitter E-mail

General

Target

8bda5970233136aa3dff9da6e102125d2a7acc8a3f9414374a35020e224fb235
Size

205KB
MD5

55c4eb886aa8f4f820598a4d61de0ebf
SHA1

58114c64f4681fc9b8927ccb689804227a71b535
SHA256

8bda5970233136aa3dff9da6e102125d2a7acc8a3f9414374a35020e224fb235
SHA512

3a98b3fc764e48a399f238e0b66e9dde2828a82b873f56b7b07e81563a97ae3c171fff96a2b8512ca96333798a4a844c8f183d5eddfd1f40b4cb79d825a7d77f
SSDEEP

3072:yuAWqJhXAPpK6w6/gVYfPwpWGH+2oaSwItUTFRnDnrAlTvn6rU/mVZHQkZ6CQVX1:8V00o5YzjdFRDnrAlGU+lQJ1

Score

N/A

Malware Config

Signatures

Files

8bda5970233136aa3dff9da6e102125d2a7acc8a3f9414374a35020e224fb235
.dll windows x86

b7de482cb271622cc4ee3198df33dcf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xprt5

??0TPtrFromPtrMap@XPRT@@QAE@H@Z
?Lookup@TPtrFromPtrMap@XPRT@@QBE_NPAXAAPAX@Z
??ATPtrFromPtrMap@XPRT@@QAEAAPAXPAX@Z
?RemoveKey@TPtrFromPtrMap@XPRT@@QAE_NPAX@Z
?SetOptimalLoad@TPtrFromPtrMap@XPRT@@QAEXMMM_N@Z
?SetAt@TPtrFromPtrMap@XPRT@@QAEPAU__POSITION@2@PAX0@Z
?GetLength@TBstr@XPRT@@QBEHXZ
?GetStartPosition@TPtrFromPtrMap@XPRT@@QBEPAU__POSITION@2@XZ
?SetAtGrow@TPtrArray@XPRT@@QAEXHPAX@Z
_XprtCreateThread@8
_XprtGetMilliseconds@0
_XprtDestroyThread@8
?FreeDataChain@SPlex@XPRT@@QAEXXZ
?Create@SPlex@XPRT@@SGPAU12@AAPAU12@II@Z
?RemoveAll@TPtrFromPtrMap@XPRT@@QAEXXZ
?Transform@TMd5Digest@XPRT@@EAEXQAIQBE@Z
?GetEncodedByteLength@TBstr@XPRT@@QBEHPBG@Z
?IsEmpty@TBstr@XPRT@@QBE_NXZ
?GetAt@TBstr@XPRT@@QBEGH@Z
?GetString@TBstr@XPRT@@QBEPBGXZ
?GetEncodedString@TBstr@XPRT@@QBEPBDPBG@Z
?Assign@TBstr@XPRT@@QAEAAV12@PBDPBG@Z
?Assign@TBstr@XPRT@@QAEAAV12@PBG@Z
?Append@TBstr@XPRT@@QAEAAV12@G@Z
?Append@TBstr@XPRT@@QAEAAV12@ABV12@@Z
?Compare@TBstr@XPRT@@QBEHPBG@Z
?Left@TBstr@XPRT@@QBE?AV12@H@Z
?Normalize@TBstr@XPRT@@QAEAAV12@XZ
?Replace@TBstr@XPRT@@QAEHPBG0@Z
?Delete@TBstr@XPRT@@QAEHHH@Z
?Find@TBstr@XPRT@@QBEHGH@Z
?Format@TBstr@XPRT@@QAAXPBGZZ
_XprtMemAlloc@4
??1TPtrFromPtrMap@XPRT@@QAE@XZ
??1TPtrArray@XPRT@@QAE@XZ
??0TPtrArray@XPRT@@QAE@XZ
??0TMessageDigest@XPRT@@QAE@XZ
?Finish@TMdXDigest@XPRT@@UAEHPAEH@Z
?GetDigestSize@TMdXDigest@XPRT@@UBEHXZ
?SetCount@TPtrArray@XPRT@@QAE_NHH@Z
?Add@TPtrArray@XPRT@@QAEHPAX@Z
xprt_iswdigit
_XprtMemRealloc@8
?Mid@TBstr@XPRT@@QBE?AV12@HH@Z
?Lock@TSpinLock@XPRT@@QAEXXZ
?Unlock@TSpinLock@XPRT@@QAEXXZ
_XprtUninitialize@0
_XprtInitialize@8
xprt_strlen
xprt_memcpy
?Assign@TBstr@XPRT@@QAEAAV12@ABV12@@Z
?Update@TMessageDigest@XPRT@@QAEXPBEH@Z
?Mid@TBstr@XPRT@@QBE?AV12@H@Z
_XprtAtomicDecrement@4
xprt_memset
xprt_memmove
??0TBstr@XPRT@@QAE@PBDPBG@Z
xprt_strcmp
kSystemEncoding
_XprtAtomicIncrement@4
?Empty@TBstr@XPRT@@QAEXXZ
?ToInt@TBstr@XPRT@@QBEHH@Z
?ReverseFind@TBstr@XPRT@@QBEHG@Z
kUtf8Encoding
??0TBstr@XPRT@@QAE@PBG@Z
??0TBstr@XPRT@@QAE@ABV01@@Z
??0TBstr@XPRT@@QAE@XZ
??1TBstr@XPRT@@QAE@XZ
?Attach@TBstr@XPRT@@QAEXPAG@Z
?Detach@TBstr@XPRT@@QAEPAGXZ
?GetNextAssoc@TPtrFromPtrMap@XPRT@@QBEXAAPAU__POSITION@2@AAPAX1@Z
_XprtMemFree@4

kernel32

ExitProcess
SetLastError
GetLastError
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
InterlockedExchange
CompareStringA
GetCurrentThreadId
InterlockedCompareExchange
ResetEvent
SetEvent
CloseHandle
FreeLibrary
DisableThreadLibraryCalls

user32

MsgWaitForMultipleObjects
KillTimer
SetTimer
TranslateMessage

msvcrt

??3@YAXPAX@Z
strcmp
qsort
memcpy
_purecall
_snwprintf
_except_handler3
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??2@YAPAXI@Z

ole32

CoCreateInstance
CoUninitialize
CoRegisterMessageFilter
CreateBindCtx
CoInitializeEx

oleaut32

VariantCopy
SysAllocString
VariantChangeType
VariantInit
SafeArrayDestroy
SafeArrayCopy
SafeArrayUnlock
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayLock
SafeArrayRedim
VariantClear
SafeArrayCreate

Exports

Exports

EEGetModuleInterop

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b7de482cb271622cc4ee3198df33dcf5

Headers

File Characteristics

Imports

xprt5

kernel32

user32

msvcrt

ole32

oleaut32

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 10KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 856B

.reloc Size: 9KB - Virtual size: 8KB

.text Size: 107KB - Virtual size: 108KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 856B

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 107KB - Virtual size: 108KB