1eb450559fb1d8671437e52065d50f8799d5574855a98cd3c44fc230895fd8d0

Sharing

Copy URL

Twitter E-mail

General

Target

1eb450559fb1d8671437e52065d50f8799d5574855a98cd3c44fc230895fd8d0
Size

380KB
MD5

f89856289bc53a275fb4599c67cc37e0
SHA1

6e9a5320e3a5b6a302a566d061ccc19540f84662
SHA256

1eb450559fb1d8671437e52065d50f8799d5574855a98cd3c44fc230895fd8d0
SHA512

ec980e8719bf0f6a0fc02653920721eddac66b31b88e8ec6190faa4e2ecfa9c2b417cd0a14dc1d01a786942947485f33c68415b31591c5c556192b03aa03e125
SSDEEP

6144:qr0veBg51dehxM8s58mzZ3qYbnXt3v02Fp6qUNcixaujKndVwG0SYhi0:y0veB2w3hi8m166XB04gqUNZxaHdOR

Score

N/A

Malware Config

Signatures

Files

1eb450559fb1d8671437e52065d50f8799d5574855a98cd3c44fc230895fd8d0
.dll windows x86

9c5f71f854c118291c4343e0a58ee5bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegQueryInfoKeyW

shell32

ShellExecuteW

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CoInitializeEx
CoTaskMemRealloc

oleaut32

SysStringLen
SysAllocString
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString

kernel32

Sleep
LocalFree
GetVersionExA
LocalAlloc
GetCurrentProcessId
GetLastError
CreateFileW
WideCharToMultiByte
GlobalAlloc
GetDateFormatA
InterlockedDecrement
EnterCriticalSection
lstrlenW
DeleteCriticalSection
MultiByteToWideChar
SetEvent
GlobalFree
ReadFile
CreateMutexW
QueryPerformanceCounter
InterlockedExchange
GetModuleHandleA
GetCurrentThreadId
TerminateProcess
CloseHandle
GetModuleFileNameW
UnhandledExceptionFilter
lstrcmpiW
InitializeCriticalSection
VirtualAlloc
DeviceIoControl
FreeLibrary
LeaveCriticalSection
GetTickCount
WaitForSingleObject
InterlockedCompareExchange
GetModuleHandleW
LoadResource
SetUnhandledExceptionFilter
InterlockedIncrement
GetSystemTimeAsFileTime
RaiseException

Exports

Exports

FileFlags
List_SetSlice
NewClass1Method
Parse
UnpackTuple
chunk_location

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c5f71f854c118291c4343e0a58ee5bd

Headers

File Characteristics

Imports

advapi32

shell32

ole32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 182KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 184KB - Virtual size: 182KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 8KB - Virtual size: 7KB