87dc4aef03f8997b02dcf5c96a9ee283d780a20df801c24004e959ec876d1d9d

Sharing

Copy URL Twitter E-mail

General

Target

87dc4aef03f8997b02dcf5c96a9ee283d780a20df801c24004e959ec876d1d9d
Size

448KB
MD5

cbc7390180eb3080228613084bafb800
SHA1

5dbdba717089281f841e660fd8b699c94ea1f52f
SHA256

87dc4aef03f8997b02dcf5c96a9ee283d780a20df801c24004e959ec876d1d9d
SHA512

78a66eb3a39995fff710c99c1304375239442f1f4be7f3321b0aff42937bdf75600cc5722640d7235044a822332c56626f482dd0a6bd9fcdfd40b13c14f29a62
SSDEEP

12288:/lOX8QitKHCQT2nIJsr8IAymSQZLqpZSW9lxP:/lOXRitKPTUysr8PyMmL3h

Score

N/A

Malware Config

Signatures

Files

87dc4aef03f8997b02dcf5c96a9ee283d780a20df801c24004e959ec876d1d9d
.dll windows x86

576e23b87228e6459e8b9c93ab33f0ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
VarUI4FromStr
RegisterTypeLi
LoadTypeLi
SysStringLen
SysAllocString
UnRegisterTypeLi

kernel32

GetTickCount
InterlockedDecrement
lstrlenW
InterlockedExchange
ReadFile
GetCurrentThreadId
GetModuleHandleW
CreateFileW
lstrcmpiW
DeleteCriticalSection
InitializeCriticalSection
GlobalFree
LocalFree
QueryPerformanceCounter
LeaveCriticalSection
InterlockedIncrement
GlobalAlloc
CreateMutexW
GetModuleFileNameW
GetVersionExA
SetEvent
Sleep
TerminateProcess
LoadResource
FreeLibrary
WaitForSingleObject
InterlockedCompareExchange
GetCurrentProcessId
RaiseException
CloseHandle
MultiByteToWideChar
EnterCriticalSection
VirtualAlloc
SetUnhandledExceptionFilter
DeviceIoControl
GetSystemTimeAsFileTime
WideCharToMultiByte
GetModuleHandleA
UnhandledExceptionFilter
GetLastError
GetDateFormatA
LocalAlloc

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW

ole32

CoCreateInstance
CoTaskMemRealloc
CoInitialize
CoUninitialize
CoInitializeEx
CoTaskMemAlloc

shell32

ShellExecuteW

Exports

Exports

InPlaceRshift
Instance_NewRaw
List_SetItem
NormalizeException
StringAAsString
get_x_offset_pixels
read_row

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

576e23b87228e6459e8b9c93ab33f0ac

Headers

File Characteristics

Imports

oleaut32

kernel32

advapi32

ole32

shell32

Exports

Exports

Sections

.text Size: 216KB - Virtual size: 215KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 216KB - Virtual size: 215KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 12KB - Virtual size: 10KB