52ed3ab9ddcc6554e05f1f20eec29badf9651bcc2faccc5221043aa951d37597

General

Target

52ed3ab9ddcc6554e05f1f20eec29badf9651bcc2faccc5221043aa951d37597
Size

124KB
MD5

b317bb9870d5320a714494de0a035520
SHA1

11d0a9f8f4a869d330e6553b278065d90e11b1f2
SHA256

52ed3ab9ddcc6554e05f1f20eec29badf9651bcc2faccc5221043aa951d37597
SHA512

f1e0563e54bc4ba3794fb7893795cc2221787ee7077fe8bf9455f573c3ea36f31b4abf9d4ac1f22aecb6403669561c82f8821a441743da9fed9573ce0e2c1618
SSDEEP

3072:pxe2XrxrILo5qnlU+VuMRGG31AtB9N6fZ:pxe5iqa+VubXtB9

Score

N/A

Malware Config

Signatures

Files

52ed3ab9ddcc6554e05f1f20eec29badf9651bcc2faccc5221043aa951d37597
.dll windows x86

5250ad053bd6639dc09e56a4bcdd5a8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetEvent
WaitForSingleObject
CreateEventW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedIncrement
WideCharToMultiByte
GetComputerNameA
SetUnhandledExceptionFilter
GetLocaleInfoA
lstrlenW
lstrcpyW
lstrcatW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LocalFree
LocalAlloc
CloseHandle
GetCommandLineA
InterlockedExchange
VirtualProtect
GetStringTypeW
GetStringTypeA
LCMapStringW
GetSystemInfo
MultiByteToWideChar
LCMapStringA
HeapSize
RtlUnwind
GetVersionExA
VirtualQuery
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
LoadLibraryA

advapi32

SetServiceStatus
StartServiceCtrlDispatcherW
RegDeleteKeyA
RegCloseKey
GetUserNameA

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5250ad053bd6639dc09e56a4bcdd5a8b

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 36KB - Virtual size: 70KB

.rsrc Size: 28KB - Virtual size: 24KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 36KB - Virtual size: 70KB

.rsrc
Size: 28KB - Virtual size: 24KB

.reloc
Size: 4KB - Virtual size: 2KB