8515bf16d7777e9c316012e8bd9540c88e19d8f4e8565cc6766f7dfbf1aa4135

Sharing

Copy URL Twitter E-mail

General

Target

8515bf16d7777e9c316012e8bd9540c88e19d8f4e8565cc6766f7dfbf1aa4135
Size

72KB
MD5

d8c3efd1e6e0b7b3e40603988abe4cd9
SHA1

6bdbb067037dceb7f38119aef684f2cde52e2156
SHA256

8515bf16d7777e9c316012e8bd9540c88e19d8f4e8565cc6766f7dfbf1aa4135
SHA512

ff86335230b160f0219ce328f5140d393e985d10c4c78c45b50d3b8315184baf6799a11624126834a05e9618e5f382fbd8774cff106b60aa77a5fd9183bf1507
SSDEEP

1536:FJ2Is2u/v5uuT5lchVoX3o0IOucWINO/I3ew:bhA/wuT5lKonxIOwad

Score

N/A

Malware Config

Signatures

Files

8515bf16d7777e9c316012e8bd9540c88e19d8f4e8565cc6766f7dfbf1aa4135
.dll windows x86

ee640054b3e3dd67e897f9e3a50e83bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
InterlockedIncrement
TlsSetValue
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
Sleep
InterlockedDecrement
WaitForSingleObject
CreateEventW
LocalFree
LocalAlloc
IsDBCSLeadByte
DeleteCriticalSection
HeapFree
GlobalAlloc
HeapAlloc
GetProcessHeap
CloseHandle
GetCurrentProcess
GetLastError
GetCurrentThread
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
GetProcAddress
VirtualProtect
GlobalFree
GetCommandLineA
SwitchToThread

advapi32

OpenProcessToken
RegEnumValueW
QueryServiceStatus
StartServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegCloseKey
RegNotifyChangeKeyValue
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
ConvertSecurityDescriptorToStringSecurityDescriptorW
GetLengthSid
OpenThreadToken
GetTokenInformation
CopySid

rpcrt4

RpcErrorStartEnumeration
RpcErrorSaveErrorInfo

msvcr71

wcscpy
__dllonexit
_except_handler3
malloc
memmove
wcsncmp
wcscmp
qsort
_onexit
wcslen
wcscat
free
_initterm
_adjust_fdiv
__CppXcptFilter

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee640054b3e3dd67e897f9e3a50e83bf

Headers

File Characteristics

Imports

kernel32

advapi32

rpcrt4

msvcr71

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 36KB - Virtual size: 66KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 36KB - Virtual size: 66KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB