dcfebb87964135e61a33b43998c71421fb8294106b5ad83563d10899136239ca

Sharing

Copy URL Twitter E-mail

General

Target

dcfebb87964135e61a33b43998c71421fb8294106b5ad83563d10899136239ca
Size

351KB
MD5

39231e6ea56eec7038e3858b3132efd9
SHA1

ecff04a4fd31536f7fcd52e96552c3bdf357eb04
SHA256

dcfebb87964135e61a33b43998c71421fb8294106b5ad83563d10899136239ca
SHA512

5c57ec7e612329c6aab2ed7b685a5d7ada531a8077270c9de54b3760dbf94673d20820ff408ca4b2fbf3d7e1691a11b123568be9314f624ffecb57d6d997c6ef
SSDEEP

6144:nsYr/6trYdNs6ow7NH7LxOaELUOqI1juc+Ye0dY7QVMKaI1HXvs+GL0EX42:nf/6tkdbltfxOaELhrjuc1e8Y7iMo1HC

Score

N/A

Malware Config

Signatures

Files

dcfebb87964135e61a33b43998c71421fb8294106b5ad83563d10899136239ca
.dll windows x86

27db78b60409a6be42c79addaf228ded

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

dbghelp

SymRegisterCallback64
SymInitialize
SymFindFileInPath
SymCleanup
SymSetSearchPath
SymSetOptions
MakeSureDirectoryPathExists

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

msvcrt

fprintf
fopen
fgets
ferror
fclose
exit
atoi
_wfsopen
_vsnprintf
_stricmp
_msize
_mbsncmp
free
_initterm
_futime
_cexit
_amsg_exit
__setusermatherr
__set_app_type
__p__wenviron
__p__fmode
__p__commode
__getmainargs
_XcptFilter
_CIfmod
fseek
isdigit
isspace
printf
puts
rand
srand
strncmp
strrchr
time
tolower
_ismbblead

kernel32

WriteFile
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
SetLastError
SetFileTime
SetFilePointer
SetFileAttributesA
SetErrorMode
SetEndOfFile
SetCurrentDirectoryA
RemoveDirectoryA
ReadFile
QueueUserAPC
QueryPerformanceCounter
OutputDebugStringA
OpenProcess
MapViewOfFile
LocalAlloc
LoadLibraryA
InterlockedExchange
HeapFree
HeapAlloc
GetTickCount
GetTempFileNameA
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPrivateProfileSectionA
GetModuleHandleA
GetLastError
GetFullPathNameA
GetFileSize
GetFileInformationByHandle
GetFileAttributesExA
GetFileAttributesA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetCommandLineA
FreeLibrary
FlushViewOfFile
FindNextFileA
FindFirstFileExA
FindFirstFileA
FindClose
AllocConsole
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFiber
DeleteFileA
ExitProcess

Exports

Exports

FileConvert
FreeMarkers
GetContextsDevice
GetSyntaxOfAttributeOnServer
LoadSurfaceFromFileInMemory
RenameExtS

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27db78b60409a6be42c79addaf228ded

Headers

File Characteristics

Imports

advapi32

dbghelp

version

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 162KB - Virtual size: 161KB

.data Size: 68KB - Virtual size: 69KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 162KB - Virtual size: 161KB

.data
Size: 68KB - Virtual size: 69KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 4KB - Virtual size: 3KB