27c79174a283a739713533c4add335c19c16f3c4b00eff1d98693f74c55674e2

General

Target

27c79174a283a739713533c4add335c19c16f3c4b00eff1d98693f74c55674e2
Size

433KB
MD5

c2eca88a15a5082a6a97d42741fbf920
SHA1

8b75ddb4222ee570e5f14d338f88a53142180ee2
SHA256

27c79174a283a739713533c4add335c19c16f3c4b00eff1d98693f74c55674e2
SHA512

fbf5de245f39e9829c406f0a20faa3320d689b0ddafd3af0409f8a9bcbf803aa52e3e6bdbf847b2574265111f57cc5f0dc51d36c70a1af1357f2b5d378d06cb8
SSDEEP

6144:S9xGuJXPoPX597acY4xJzbREhXA3iHADpa/bx5v5SkhcbAK3DXWHl1jfytlaod7:S9NeDfJzIA3+ADpibx5UkK3TWrjk

Score

N/A

Malware Config

Signatures

Files

27c79174a283a739713533c4add335c19c16f3c4b00eff1d98693f74c55674e2
.dll windows x86

266209b06ec31545298ca6a1ea9f757f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenProcessToken
AdjustTokenPrivileges

msvcrt

_vsnprintf
calloc
exit
free
getenv
isprint
isspace
malloc
memcpy
printf
strtoul
_initterm
_exit
_controlfp
_cexit
_amsg_exit
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__getmainargs
_XcptFilter

kernel32

WriteFile
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
Sleep
SetUnhandledExceptionFilter
RtlUnwind
QueryPerformanceCounter
LoadLibraryA
InterlockedExchange
InterlockedCompareExchange
GetVersionExA
GetTickCount
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcAddress
GetModuleHandleA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
FormatMessageA
DeleteFileA
CreateFileA
CloseHandle

ntdll

NtSystemDebugControl
NtQuerySystemInformation

Exports

Exports

FromFile
GetModuleDict
Optimize
Property_Type
StringFlags
set_write_status_fn
vGetOptions

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

266209b06ec31545298ca6a1ea9f757f

Headers

File Characteristics

Imports

advapi32

msvcrt

kernel32

ntdll

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 86KB

.rdata Size: 216KB - Virtual size: 215KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 87KB - Virtual size: 86KB

.rdata
Size: 216KB - Virtual size: 215KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 3KB - Virtual size: 2KB