2504429b71a55f4aa5f1c7f87a50247b46e97d4d89d577ce1fbe015a9146381b

Sharing

Copy URL Twitter E-mail

General

Target

2504429b71a55f4aa5f1c7f87a50247b46e97d4d89d577ce1fbe015a9146381b
Size

368KB
MD5

0783573209d2671fbab2832c84d7c390
SHA1

311cfee3be1d6aa6370db43feca7d7f0c60305eb
SHA256

2504429b71a55f4aa5f1c7f87a50247b46e97d4d89d577ce1fbe015a9146381b
SHA512

83fe9afa0d517488c13862fd0eebbe6b88b3230b1c6c44187831839a51f89cd0d2217dc27ec4465217eb21c53e5e7529369c14991277e01bd0985dcccf1ec994
SSDEEP

6144:lZ8/XHTzj5DiL959EAhctvLOeaPZR6drDYdgWIlnxm2wPB0HPm9rKsR7vk/w:lZ8/1Da9EAhgqJg7x7wZgPorKQp

Score

N/A

Malware Config

Signatures

Files

2504429b71a55f4aa5f1c7f87a50247b46e97d4d89d577ce1fbe015a9146381b
.dll windows x86

0ce634d3168789d3dab71d7a24e05eed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
LoadTypeLi
SysStringLen
VarUI4FromStr

kernel32

CloseHandle
GetDateFormatA
DeleteCriticalSection
lstrcmpiW
DeviceIoControl
MultiByteToWideChar
LocalAlloc
LoadResource
InterlockedExchange
CreateMutexW
GetModuleFileNameW
GetLastError
InitializeCriticalSection
GetVersionExA
TerminateProcess
RaiseException
InterlockedCompareExchange
GetModuleHandleA
CreateEventW
InterlockedDecrement
QueryPerformanceCounter
Sleep
lstrlenW
VirtualAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalAlloc
ReadFile
GetCurrentProcessId
GetThreadLocale
CreateFileW
WaitForSingleObject
LocalFree
GetModuleHandleW
GetTickCount
LeaveCriticalSection
GetSystemTimeAsFileTime
FreeLibrary
GetCurrentThreadId
EnterCriticalSection
GlobalFree
InterlockedIncrement
WideCharToMultiByte
SetEvent

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoInitializeEx
CoTaskMemRealloc

shell32

ShellExecuteW

advapi32

RegOpenKeyExW
UnlockServiceDatabase
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

Exports

Exports

GetItem
Instance_NewRaw
ThreadsInitialized
WithFilename
_Clear
read_init
strategy

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ce634d3168789d3dab71d7a24e05eed

Headers

File Characteristics

Imports

oleaut32

kernel32

ole32

shell32

advapi32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 64KB - Virtual size: 61KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 64KB - Virtual size: 61KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 8KB - Virtual size: 7KB