91785c786832523e3a0cd7a04a2b5db6f9a668a410bacf5f23af80f0185726ab

Sharing

Copy URL Twitter E-mail

General

Target

91785c786832523e3a0cd7a04a2b5db6f9a668a410bacf5f23af80f0185726ab
Size

376KB
MD5

b1389f3de7a0adc56c8553866c2e7a25
SHA1

7becaf72f2c602b4a41f81e8183ffcf8f82d6603
SHA256

91785c786832523e3a0cd7a04a2b5db6f9a668a410bacf5f23af80f0185726ab
SHA512

c073e0173c08e3b90367ba0656158e04ca42ada6ae8914cf08187e83cc3322b183f45904a72cec18e7e833691e11b97af460ce9fada260714ce4e298386e1b65
SSDEEP

6144:I/TPjFx+720Lk5hFgKqteX7PTgquVdR0NJn9Z3JDksjQyUYqa0M08kplIceU6bJY:INx+sDipUjTtuVjwzZZljWbHM0FpN69G

Score

N/A

Malware Config

Signatures

Files

91785c786832523e3a0cd7a04a2b5db6f9a668a410bacf5f23af80f0185726ab
.dll windows x86

659d6dda082b81bb8134dea087787acc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

SymRegisterCallback64
SymInitialize
SymFindFileInPath
SymSetSearchPath
SymSetOptions
MakeSureDirectoryPathExists
SymCleanup

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcrt

printf
memset
memcpy
malloc
isspace
isdigit
fseek
free
fprintf
fopen
fgets
fclose
exit
atoi
_vsnprintf
puts
_stricmp
_msize
_ismbblead
_iob
_initterm
_exit
_errno
_controlfp
_cexit
_amsg_exit
__setusermatherr
__set_app_type
__p__fmode
__getmainargs
_XcptFilter
rand
realloc
scanf
srand
strchr
strncmp
strrchr
strstr
time
tolower
_strnset

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

kernel32

UnmapViewOfFile
UnhandledExceptionFilter
Thread32Next
TerminateThread
TerminateProcess
SetUnhandledExceptionFilter
SetLastError
SetFilePointer
SetFileAttributesA
SetErrorMode
SetEndOfFile
RemoveDirectoryA
ReadFile
QueryPerformanceCounter
OutputDebugStringA
OpenProcess
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
IsBadHugeWritePtr
InterlockedExchange
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
VirtualAlloc
GetTickCount
GetTempPathA
GetTempFileNameA
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionA
GetModuleHandleA
GetLastError
GetFullPathNameA
GetFileSize
GetFileInformationByHandle
GetFileAttributesExA
GetFileAttributesA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleCursorInfo
GetCommandLineA
GetCommMask
GenerateConsoleCtrlEvent
FreeLibrary
WriteFile
_lread
HeapAlloc
DeleteFileA
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindFirstFileExA
FindNextFileA
FlushViewOfFile

Exports

Exports

GetNextPageS
GetProviderGuid
GetShaderVersion
ReadFileTransforms
SavePRTBufferToFileW
SetAutoCADFilesColorScheme

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

659d6dda082b81bb8134dea087787acc

Headers

File Characteristics

Imports

dbghelp

version

msvcrt

advapi32

kernel32

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 170KB - Virtual size: 169KB

.data Size: 68KB - Virtual size: 68KB

.rsrc Size: 63KB - Virtual size: 62KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 170KB - Virtual size: 169KB

.data
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 63KB - Virtual size: 62KB

.reloc
Size: 4KB - Virtual size: 3KB