538e72d24256425240e8c988d9b986bae5777b9902ac12f289566bf08fd910ef

Sharing

Copy URL Twitter E-mail

General

Target

538e72d24256425240e8c988d9b986bae5777b9902ac12f289566bf08fd910ef
Size

373KB
MD5

75583642c08c7766f769be78e43cf2ca
SHA1

8fa8437d8f75e028ef776d6d2883ce99200928f3
SHA256

538e72d24256425240e8c988d9b986bae5777b9902ac12f289566bf08fd910ef
SHA512

bef5fbc69321cb3a1363365fd4fa6b247be2b879d9fb301b33220c893b4e436ddbc130faf7e2161a704dffaf8903df259aba517d1a50847b21f0c915ba45f36e
SSDEEP

6144:ErHYMAD+qXk4CTe9+OfVf1KAljrH+hSVqdcY6K1WcOzUfg48NlvwuKkdJm:Ebk+1OfVf1KcPHmHdcc1WbGUNlAkdJ

Score

N/A

Malware Config

Signatures

Files

538e72d24256425240e8c988d9b986bae5777b9902ac12f289566bf08fd910ef
.dll windows x86

988482a5395a6790690d243a4857bd50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcrt

strncmp
strchr
srand
setbuf
realloc
rand
puts
printf
memset
memcpy
malloc
isspace
isdigit
getenv
fseek
free
fprintf
fopen
fgets
strrchr
atoi
_wcsicmp
_vsnprintf
_timezone
_strnset
_stricmp
_spawnvp
_msize
_mbsnbcat
_ismbslead
_ismbblead
_iob
_initterm
_exit
_errno
_controlfp
_cexit
_amsg_exit
_aexit_rtn
__set_app_type
__p__fmode
__p__commode
__p__acmdln
__getmainargs
__fpecode
_XcptFilter
strstr
time
tolower
exit

dbghelp

SymInitialize
MakeSureDirectoryPathExists
SymRegisterCallback64
SymSetOptions
SymCleanup
SymFindFileInPath
SymSetSearchPath

kernel32

WriteFile
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
SetLastError
SetFilePointer
SetFileAttributesA
SetErrorMode
SetEndOfFile
SetCurrentDirectoryA
RtlUnwind
RemoveDirectoryA
ReadFile
ReadDirectoryChangesW
QueryPerformanceCounter
OutputDebugStringA
OpenProcess
MapViewOfFileEx
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
InterlockedExchange
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalCompact
GetTickCount
GetTempPathA
GetTempFileNameA
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionA
GetModuleHandleA
GetLastError
GetFullPathNameA
GetFileSize
GetFileInformationByHandle
GetFileAttributesA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetCommandLineA
FreeLibrary
FlushViewOfFile
FindNextFileA
FindFirstFileExA
FindFirstFileA
FindClose
ExpandEnvironmentStringsA
ExitProcess
DeleteFileA
CreateFileMappingA
CreateFileA
CopyFileA
BackupSeek
CloseHandle

Exports

Exports

Component
CreateDSObject
Float16To32Array
FrameRegisterNamedMatrices
SetAutoCADFilesColorScheme
SetLoadInfoCallback

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

988482a5395a6790690d243a4857bd50

Headers

File Characteristics

Imports

advapi32

version

msvcrt

dbghelp

kernel32

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 172KB - Virtual size: 172KB

.data Size: 68KB - Virtual size: 68KB

.rsrc Size: 63KB - Virtual size: 63KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 172KB - Virtual size: 172KB

.data
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 63KB - Virtual size: 63KB

.reloc
Size: 3KB - Virtual size: 3KB