85732f2f2313224b98b9fa0172e79c45216324e745691bbe558b239208f55750

Sharing

Copy URL Twitter E-mail

General

Target

85732f2f2313224b98b9fa0172e79c45216324e745691bbe558b239208f55750
Size

104KB
MD5

a82c5daa03a3c131bc18f26946e53575
SHA1

4c78ee79c0084c3f6670f05059f1cd4d2392e85e
SHA256

85732f2f2313224b98b9fa0172e79c45216324e745691bbe558b239208f55750
SHA512

174cb4502933a673bcef8880dde72851947cec134e66b59279612b0f05e112b348b1cb6f34643a10321eddd9e01bfce57a5b493053ca2d0627ed7061d56780e0
SSDEEP

1536:frFRZsHSlg0OAlLpATbX7IyE8K+5DWG99o2r7/iHzRXsT6vqrsNypkzpP:f5xgwFqroFG/o27aHzqT69NyWtP

Score

N/A

Malware Config

Signatures

Files

85732f2f2313224b98b9fa0172e79c45216324e745691bbe558b239208f55750
.dll windows x86

c9db927903bfbcbe9ffb913c74ce58b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
LookupAccountSidW
RegDeleteKeyA
RegCloseKey
FreeSid

version

GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoA

kernel32

RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringA
LoadLibraryExW
GetProcessHeap
GetModuleFileNameA
FindResourceW
CreateFileMappingA
InterlockedCompareExchange
Sleep
IsBadWritePtr
GetCurrentProcessId
LCMapStringW
HeapSize
WriteConsoleW
WriteFile
lstrcpynW
CreateDirectoryW
GlobalUnlock
CopyFileW
GetLocalTime
WriteConsoleA
GetACP
GetTimeFormatA
SuspendThread
LoadResource
SetErrorMode
IsValidLocale
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualAlloc
GetHandleInformation
ExitProcess
GetSystemTime
HeapAlloc
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetOEMCP
FlushFileBuffers
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
MultiByteToWideChar

Exports

Exports

Oabhj

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9db927903bfbcbe9ffb913c74ce58b0

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 48KB - Virtual size: 50KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 48KB - Virtual size: 50KB

.reloc
Size: 8KB - Virtual size: 4KB