e418dd9071de98c0b17c7937e05960911e48d0db6e1b55d7d9f11766b76d9d32

Sharing

Copy URL Twitter E-mail

General

Target

e418dd9071de98c0b17c7937e05960911e48d0db6e1b55d7d9f11766b76d9d32
Size

615KB
MD5

59ad91f4e019c179f0c3693318fad9e5
SHA1

a260635b415f70cc8dfab12bda6f5fcd90cbdcab
SHA256

e418dd9071de98c0b17c7937e05960911e48d0db6e1b55d7d9f11766b76d9d32
SHA512

d62c4c7e4e4b878385f539ca6f41b8eb4e70b5081a9b0fc5c089a56fa9a492621be4c8694856576ee9aa8ec22eceb3206f9660da55d72d5ad0ac26e32fc3b474
SSDEEP

12288:Mza2LM76Rw/eZpYK9wPHlPRLH1rkZO/ymjg:0zMuAKkZLVfq

Score

N/A

Malware Config

Signatures

Files

e418dd9071de98c0b17c7937e05960911e48d0db6e1b55d7d9f11766b76d9d32
.dll windows x86

308d86c24e6095b887377993f69441f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextW

kernel32

GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
FreeEnvironmentStringsW
LCMapStringW
LeaveCriticalSection
LoadResource
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
FreeEnvironmentStringsA
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadLocale
SizeofResource
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrcmpiW
lstrlenW
FlushFileBuffers
FindResourceW
ExitProcess
EnterCriticalSection
CreateFileA
CloseHandle
LCMapStringA
RtlUnwind

advapi32

RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegQueryInfoKeyW

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
PropVariantClear

oleaut32

VarUI4FromStr
UnRegisterTypeLi
SysStringLen
SysFreeString
SysAllocString
RegisterTypeLi
LoadTypeLi

Exports

Exports

Addr2Line
InteractiveOne
NewMember
SetItem
StandardError
_InterruptOccurred
_getsig
method

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

308d86c24e6095b887377993f69441f6

Headers

File Characteristics

Imports

user32

kernel32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 362KB - Virtual size: 361KB

.data Size: 106KB - Virtual size: 107KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 362KB - Virtual size: 361KB

.data
Size: 106KB - Virtual size: 107KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 6KB - Virtual size: 6KB