167e3057430d232f687a73d8cd5bd90b3712712a2f32c118826eda9ddbc74c7f

General

Target

167e3057430d232f687a73d8cd5bd90b3712712a2f32c118826eda9ddbc74c7f
Size

450KB
MD5

a2f8435fe3f7410b0da065916b5f7940
SHA1

9acb95bc96877730ff6857914741a948db776985
SHA256

167e3057430d232f687a73d8cd5bd90b3712712a2f32c118826eda9ddbc74c7f
SHA512

801bf0c00a9509b8df8cdf5fb5d38950e18448e88bbc452d609fad425d445425fef9c074a610b6cfa2b528f3b1b8bdc2e72980af65ea2963a003155d7d104edf
SSDEEP

12288:Mo/qC2DB3xYSOBL93oNO9ypirH+NZRIvjZPOi4uyDo:M/dB3xYvLiO9ysyNZOOiB

Score

N/A

Malware Config

Signatures

Files

167e3057430d232f687a73d8cd5bd90b3712712a2f32c118826eda9ddbc74c7f
.dll windows x86

b745009a1aaca19822e08090bc48315e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

isprint
isspace
memcpy
strtoul
_vsnprintf
RtlUnwind
NtSystemDebugControl
NtQuerySystemInformation

advapi32

OpenProcessToken
AdjustTokenPrivileges

kernel32

CloseHandle
CreateFileA
DeleteFileA
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetTickCount
WriteFile
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
Sleep
SetUnhandledExceptionFilter
QueryPerformanceCounter
LoadLibraryA
InterlockedExchange
InterlockedCompareExchange
GetVersionExA

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_controlfp
_exit
_initterm
calloc
exit
free
getenv
malloc
printf

Exports

Exports

Number_Divide
get_gAMA
get_y_pixels_per_meter
sig_cmp
vLoadModuleW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b745009a1aaca19822e08090bc48315e

Headers

File Characteristics

Imports

ntdll

advapi32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 214KB - Virtual size: 214KB

.data Size: 108KB - Virtual size: 111KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 214KB - Virtual size: 214KB

.data
Size: 108KB - Virtual size: 111KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 5KB - Virtual size: 4KB