2f9f10217fc15575770dc553686755ebf68a5606fa2558021a79e598295eba74

Sharing

Copy URL Twitter E-mail

General

Target

2f9f10217fc15575770dc553686755ebf68a5606fa2558021a79e598295eba74
Size

640KB
MD5

788f415fdfb4c62419f229e344a5cb40
SHA1

8b3efdedbe4488052d4fce44b5996fbe87868742
SHA256

2f9f10217fc15575770dc553686755ebf68a5606fa2558021a79e598295eba74
SHA512

f7b2a36408ef3562c94ba03a447e38d5266867eaa99019efcb697a2df1d960fbb415878f5f3060f79e4f315270a0c626b6c6e5d63aa03fb8fb79f186a0d65703
SSDEEP

12288:tpmmcM59DyTiUoKkK9ZGMLtc8sm17tJJg/kX7hCxVcTJqeblg4:t0mjLLUo5nw/JzrhB1Zbh

Score

N/A

Malware Config

Signatures

Files

2f9f10217fc15575770dc553686755ebf68a5606fa2558021a79e598295eba74
.dll windows x86

f1a82a39761c967d02ef3ad4db90a3cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
CryptGetKeyParam
RegSetValueExW
RegQueryValueExW
RegCloseKey

oleaut32

RegisterTypeLi
SysStringLen
UnRegisterTypeLi
VarUI4FromStr
LoadTypeLi
SysAllocString
SysFreeString

ole32

CoTaskMemAlloc
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemRealloc

shell32

ShellExecuteW

kernel32

SetEvent
CloseHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeLibrary
lstrlenW
InterlockedIncrement
QueryPerformanceCounter
LocalAlloc
TerminateProcess
GetLastError
GetCurrentProcessId
LocalFree
InitializeCriticalSection
GetModuleHandleW
LoadResource
GetVersionExA
DeleteCriticalSection
CreateFileW
GlobalFree
InterlockedDecrement
InterlockedExchange
GetSystemTimeAsFileTime
ReadFile
WideCharToMultiByte
DeviceIoControl
InterlockedCompareExchange
GetDateFormatA
EnterCriticalSection
WaitForSingleObject
GetModuleHandleA
MultiByteToWideChar
Sleep
GetTickCount
LeaveCriticalSection
GetCurrentThreadId
VirtualAlloc
lstrcmpiW
GlobalAlloc
GetModuleFileNameW
CreateMutexW
RaiseException

Exports

Exports

FlagsFilename
Node_AddChild
_Index
vSetOptions

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1a82a39761c967d02ef3ad4db90a3cc

Headers

File Characteristics

Imports

advapi32

oleaut32

ole32

shell32

kernel32

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 223KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 156KB - Virtual size: 155KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 224KB - Virtual size: 223KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 156KB - Virtual size: 155KB

.reloc
Size: 12KB - Virtual size: 11KB