28d6ca38d2775d0e3c54b0327ca9100a7a56e8ebbc5b5ec61249921af0cc6f35

Sharing

Copy URL

Twitter E-mail

General

Target

28d6ca38d2775d0e3c54b0327ca9100a7a56e8ebbc5b5ec61249921af0cc6f35
Size

376KB
MD5

fd08f0b2666336ba5c45d145ce2ec2f0
SHA1

ca979f503b452aa99e09cf4bdd0a036676a77ce3
SHA256

28d6ca38d2775d0e3c54b0327ca9100a7a56e8ebbc5b5ec61249921af0cc6f35
SHA512

bff1151d46fe34616f90a1e91570c673a079416c4b79c6452e536e7e30bc18438180f81b0f6bba2c8d8e686a26e2f512ac428ec9cdc696789c781e7c809f5325
SSDEEP

6144:3X96Jq6BMwYrKsQ5dm1LCCaeHGY0mOcWKyKYVSm6gctj060cQGIb79OHPRSVZsSC:3X6RrWlPakOuyK06bxsDHb7vVZs4mRWm

Score

N/A

Malware Config

Signatures

Files

28d6ca38d2775d0e3c54b0327ca9100a7a56e8ebbc5b5ec61249921af0cc6f35
.dll windows x86

d3304b4ff48fd1ce3e0345018b21a6e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
RegisterTypeLi
SysAllocString
VarUI4FromStr
SysStringLen
UnRegisterTypeLi
LoadTypeLi

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
CryptGetKeyParam
RegEnumKeyExW
RegQueryInfoKeyW

shell32

ShellExecuteW

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
CoInitializeEx
CoCreateInstance

kernel32

InitializeCriticalSection
InterlockedExchange
GetModuleHandleA
CreateMutexW
lstrlenW
MultiByteToWideChar
SetEvent
RaiseException
GlobalAlloc
SetUnhandledExceptionFilter
CloseHandle
EnterCriticalSection
DeleteCriticalSection
ReadFile
LoadResource
Sleep
lstrcmpiW
GetVersionExA
CreateFileW
GetDateFormatA
WaitForSingleObject
UnhandledExceptionFilter
LocalAlloc
VirtualAlloc
TerminateProcess
GetTickCount
GetLastError
InterlockedCompareExchange
DeviceIoControl
QueryPerformanceCounter
GetModuleHandleW
WideCharToMultiByte
LeaveCriticalSection
LocalFree
GetModuleFileNameW
InterlockedDecrement
GetCurrentThreadId
GetSystemTimeAsFileTime
FreeLibrary
GlobalFree
InterlockedIncrement
GetCurrentProcessId

Exports

Exports

GeneratorExit
Long_FromDouble
ParseFileFlags
Print
_Size
get_unknown_chunks
set_packing

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3304b4ff48fd1ce3e0345018b21a6e2

Headers

File Characteristics

Imports

oleaut32

advapi32

shell32

ole32

kernel32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 56KB - Virtual size: 55KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 56KB - Virtual size: 55KB

.reloc
Size: 8KB - Virtual size: 7KB