47b563eb98e86eb2946248cbe4c874d14104ac2c15ac9598f52545d2612cb4cb

Sharing

Copy URL Twitter E-mail

General

Target

47b563eb98e86eb2946248cbe4c874d14104ac2c15ac9598f52545d2612cb4cb
Size

560KB
MD5

4cbc704a1f89988ddf96e5a8b0d61f90
SHA1

cb0581058f3e82c0c119321719db36f5391746e8
SHA256

47b563eb98e86eb2946248cbe4c874d14104ac2c15ac9598f52545d2612cb4cb
SHA512

622473c0041b01b9b74cec3760d505fd3025889ce3dfb0ab3a1243edb54f096764408f302a4efae0314a516662741df1840be740421a6b0ebd7572471feee2aa
SSDEEP

12288:dAAPczH1rgxZal2h35uph7BUUArystaf9Uqay9iYTx:dGzpia0hpYcvr3afiqaykY

Score

N/A

Malware Config

Signatures

Files

47b563eb98e86eb2946248cbe4c874d14104ac2c15ac9598f52545d2612cb4cb
.dll windows x86

c798912f19d373bdd30d7695c1dbe60f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW

ole32

CoTaskMemAlloc
CoInitializeEx
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemRealloc

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
CryptGetKeyParam
RegOpenKeyExW

oleaut32

VarUI4FromStr
SysFreeString
UnRegisterTypeLi
SysStringLen
RegisterTypeLi
LoadTypeLi
SysAllocString

kernel32

InitializeCriticalSection
SetEvent
UnhandledExceptionFilter
GetLastError
FreeLibrary
GetModuleHandleW
GetCurrentThreadId
ReadFile
GetDateFormatA
CloseHandle
LeaveCriticalSection
DeleteCriticalSection
GetTickCount
GetVersionExA
lstrcmpiW
CreateMutexW
SetUnhandledExceptionFilter
VirtualAlloc
WideCharToMultiByte
DeviceIoControl
InterlockedCompareExchange
LoadResource
WaitForSingleObject
LocalFree
InterlockedExchange
RaiseException
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
EnterCriticalSection
Sleep
GlobalAlloc
lstrlenW
GetModuleFileNameW
MultiByteToWideChar
LocalAlloc
CreateFileW
GetModuleHandleA
GlobalFree
QueryPerformanceCounter
GetCurrentProcessId
TerminateProcess

Exports

Exports

ArithmeticError
FileFlags
Filename
GenericGetAttr
ParseString
StringAAsString
StringADecode
WriteObjectToFile
_rowbytes_threshold

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c798912f19d373bdd30d7695c1dbe60f

Headers

File Characteristics

Imports

shell32

ole32

advapi32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 156KB - Virtual size: 154KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 156KB - Virtual size: 154KB

.reloc
Size: 8KB - Virtual size: 7KB