6bf120c4a8844c8443a572d8acb8b2854af480a75cb42c46f4a8cd60d519375a

Sharing

Copy URL Twitter E-mail

General

Target

6bf120c4a8844c8443a572d8acb8b2854af480a75cb42c46f4a8cd60d519375a
Size

208KB
MD5

5936104b54df3a74eec938b16132264c
SHA1

00cb6d34f61f1db55d95aff9eef5fe26be70d4a8
SHA256

6bf120c4a8844c8443a572d8acb8b2854af480a75cb42c46f4a8cd60d519375a
SHA512

52ed246f9de1462071b6acca60d0216d41a61c6ace4e9ec022c6a54d8a6e3a8d8c8246bee44e1349efa40e968d5b3c15a24a2cf53c3daab654af6a3561fbc012
SSDEEP

3072:F6t0RO/9Guv8bOTk1pHvP55eBTE7P2T31Vrf7rwUqflcODvl/nSwItUTFRnDnrAk:MiOF8aTLrylcODv5ddFRDnrAlGU+lQJo

Score

N/A

Malware Config

Signatures

Files

6bf120c4a8844c8443a572d8acb8b2854af480a75cb42c46f4a8cd60d519375a
.dll windows x86

2e7ddb531a8d2b153e3dd03a37c8ba19

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetProcAddress
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetSystemTimeAsFileTime
CloseHandle
CreateThread
SetCurrentDirectoryA
GetCurrentDirectoryA
Sleep
GetCurrentThreadId
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GetCurrentProcessId

msvcr80

__RTDynamicCast
malloc
free
fseek
ftell
feof
ferror
fread
_purecall
fclose
fwrite
fopen
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
??3@YAXPAX@Z
memset
strlen
memcpy
qsort
log
strcmp
_CxxThrowException
__CxxFrameHandler3
fflush

Exports

Exports

BIBGetGetProcAddress
BIBGetVersion
BIBInitialize
BIBInitialize2
BIBInitialize3
BIBInitialize4
BIBLockSmithAssertNoLocksImpl
BIBLockSmithDeleteImpl
BIBLockSmithLockImpl
BIBLockSmithUnlockImpl
BIBTerminate

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2e7ddb531a8d2b153e3dd03a37c8ba19

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcr80

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.text Size: 107KB - Virtual size: 108KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 107KB - Virtual size: 108KB