a102249c1bb4e3bd3b3cd9b1de364014d31a9a2c57c981d7fa80ae1af00d0eeb

Sharing

Copy URL Twitter E-mail

General

Target

a102249c1bb4e3bd3b3cd9b1de364014d31a9a2c57c981d7fa80ae1af00d0eeb
Size

584KB
MD5

4550cd889a4d3385248ffb0c17f61ce0
SHA1

d5cf8252729d810ef850371bfa41594f0e2d5c61
SHA256

a102249c1bb4e3bd3b3cd9b1de364014d31a9a2c57c981d7fa80ae1af00d0eeb
SHA512

6e69c04f53593bfdb7bedd0a2e0f7bbc8fd5ff29cc712f0a6d53b832343b97a4ad0a3beaabaefdd4a5f44ffcb5fae5aeafb63609e6ffbbba258ba3fb6030275b
SSDEEP

12288:ciwHlCmDLbhEyWwLjJ9bfpA38L4Tc/2wEbVED8cJ5:tmvVNWsJPAsMwOwkEDf

Score

N/A

Malware Config

Signatures

Files

a102249c1bb4e3bd3b3cd9b1de364014d31a9a2c57c981d7fa80ae1af00d0eeb
.dll windows x86

c16c54ae1767a3ad77e6c524af9084ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarUI4FromStr
LoadTypeLi
SysStringLen
SysFreeString
UnRegisterTypeLi
RegisterTypeLi
SysAllocString

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoInitializeEx
CoInitialize
CoUninitialize

kernel32

lstrcmpiW
GetThreadLocale
CreateFileW
ReleaseMutex
QueryPerformanceCounter
DeviceIoControl
GlobalFree
DeleteCriticalSection
InterlockedIncrement
LocalAlloc
CreateEventW
CreateMutexW
WideCharToMultiByte
LoadResource
EnterCriticalSection
RaiseException
InterlockedDecrement
GlobalAlloc
InterlockedExchange
CloseHandle
GetCurrentThreadId
lstrlenW
ReadFile
GetLastError
WaitForMultipleObjects
Sleep
GetModuleHandleA
ResetEvent
GetModuleFileNameW
GetCurrentProcessId
InterlockedCompareExchange
SetEvent
LeaveCriticalSection
GetVersionExA
TerminateProcess
VirtualAlloc
CreateWaitableTimerW
GetModuleHandleW
FreeLibrary
MultiByteToWideChar
GetDateFormatA
GetTickCount
GetExitCodeThread
WaitForSingleObject
GetSystemTimeAsFileTime
LocalFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSection

Exports

Exports

GetItem
Instance_NewRaw
ThreadsInitialized
WithFilename
_Clear
read_init
strategy

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c16c54ae1767a3ad77e6c524af9084ce

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 152KB - Virtual size: 152KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 152KB - Virtual size: 152KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 8KB - Virtual size: 7KB