b35c3ac2b51dcbb7b5a56dc3d013bf201845260ebeee403abfcde66f1169f2d3

Sharing

Copy URL Twitter E-mail

General

Target

b35c3ac2b51dcbb7b5a56dc3d013bf201845260ebeee403abfcde66f1169f2d3
Size

104KB
MD5

e21b0f164aeb6e47b73e06478db54745
SHA1

f6f02cd1cd3fcedfd274be984d17dedfcfd7e861
SHA256

b35c3ac2b51dcbb7b5a56dc3d013bf201845260ebeee403abfcde66f1169f2d3
SHA512

55f1b2eacfbad6661fb335a30787ea797bb8c6d2163577822a1e6ccf069e676b984f2b158df68ee713cd53acca2a9f2dc82dcd931a18ecf0a40de9922f9e934e
SSDEEP

1536:BGIZxHSlg0Od3LpATbX7IyE8K+5DbG99oJr7/iHzRXsT6vqrsNypkzpP:BGbg/FqrokG/oF7aHzqT69NyWtP

Score

N/A

Malware Config

Signatures

Files

b35c3ac2b51dcbb7b5a56dc3d013bf201845260ebeee403abfcde66f1169f2d3
.dll windows x86

c9db927903bfbcbe9ffb913c74ce58b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
LookupAccountSidW
RegDeleteKeyA
RegCloseKey
FreeSid

version

GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoA

kernel32

RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringA
LoadLibraryExW
GetProcessHeap
GetModuleFileNameA
FindResourceW
CreateFileMappingA
InterlockedCompareExchange
Sleep
IsBadWritePtr
GetCurrentProcessId
LCMapStringW
HeapSize
WriteConsoleW
WriteFile
lstrcpynW
CreateDirectoryW
GlobalUnlock
CopyFileW
GetLocalTime
WriteConsoleA
GetACP
GetTimeFormatA
SuspendThread
LoadResource
SetErrorMode
IsValidLocale
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualAlloc
GetHandleInformation
ExitProcess
GetSystemTime
HeapAlloc
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetOEMCP
FlushFileBuffers
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
MultiByteToWideChar

Exports

Exports

qiyyg

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9db927903bfbcbe9ffb913c74ce58b0

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 48KB - Virtual size: 50KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 48KB - Virtual size: 50KB

.reloc
Size: 8KB - Virtual size: 4KB