madamSmuggler[.]txt

Sharing

Copy URL Twitter E-mail

General

Target

madamSmuggler.txt
Size

577KB
MD5

66a6d4bb6da8d1683092f651421c028f
SHA1

81e7e9ecff5e59ce00829b4bb0a94ccc960b8b93
SHA256

14efc89f9a135724fe635e0ce4f61c871b27358bc9b64c7408ab81bffe446424
SHA512

bd0a002cc51d499b39d7bb7ae316d58df36c00bbcae2272ed2529274c67b6bb60a61f48484fae6804c392f18cf62bac10b968452b7498b0f099d6701e540c8c5
SSDEEP

12288:tFcrdMJ+uCHZvHggIBxKhhVsbVcXlgSt2uSBHXJ280vYn:tFcryJK5YlbWVLrSBHw80vY

Score

N/A

Malware Config

Signatures

Files

madamSmuggler.txt
.dll windows x86

874d9fa21c54994dccad8b792bdf753c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
CloseHandle
GetLastError
GetCurrentDirectoryA
GetCurrentActCtx
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
GetStdHandle
ReadFile
GetFileSize
SetEndOfFile
SetFilePointer
CallNamedPipeA
WriteConsoleW
RaiseException
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
SetLastError
GetCurrentThreadId
HeapAlloc
HeapFree
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FreeLibrary
GetProcAddress
LoadLibraryExW
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
GetModuleHandleW
GetModuleHandleExW
GetProcessHeap
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
HeapReAlloc
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
InterlockedFlushSList
RtlUnwind
GetModuleFileNameW
FindFirstFileExW
FindNextFileW
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
DecodePointer

Exports

Exports

CXfP836q6
DrawThemeIcon
GrXp40
Skj92W
WIudK398
WkGO396t

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 206KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

874d9fa21c54994dccad8b792bdf753c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 284KB - Virtual size: 283KB

.data Size: 206KB - Virtual size: 208KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 284KB - Virtual size: 283KB

.data
Size: 206KB - Virtual size: 208KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 4KB