c8130500c39aa13d638ca4cf1c187da3d65c9e732ef68619650eb593abdaaed4

Sharing

Copy URL

Twitter E-mail

General

Target

c8130500c39aa13d638ca4cf1c187da3d65c9e732ef68619650eb593abdaaed4
Size

140KB
MD5

5daa9cf122a7b9647da2d9382a500c90
SHA1

2a8d2d6f8d7a803b3890215d14223849483280a3
SHA256

c8130500c39aa13d638ca4cf1c187da3d65c9e732ef68619650eb593abdaaed4
SHA512

b89601969e71aa07360a377bf96fac171e712194f423a68d6f5720c986e518d50eb740b11d96ceeef0a80626206dd00b78df42f63874b126c93b826b23cdf436
SSDEEP

3072:iYddMY/ovAWHLk3zBJwfZZo0a540RJuXgo5:nMI0AWYCo0m42wg

Score

N/A

Malware Config

Signatures

Files

c8130500c39aa13d638ca4cf1c187da3d65c9e732ef68619650eb593abdaaed4
.dll windows x86

4ad28673ca5eacf6d7b5442874c1c5a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegQueryValueExA
RegEnumValueW
RegOpenKeyExA
EqualSid
RegEnumKeyExA
RegQueryValueExW
RegQueryValueW
UnlockServiceDatabase

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

RtlUnwind
GetStringTypeA
LCMapStringW
LCMapStringA
IsValidLocale
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetHandleInformation
VirtualAlloc
GetVersionExW
WriteConsoleW
RaiseException
HeapFree
GetCurrentDirectoryA
GlobalLock
GetStdHandle
GetModuleFileNameA
GetFileType
HeapCreate
CreateDirectoryA
GetCurrentDirectoryW
lstrcpyA
CreateMutexA
GetVersionExA
InterlockedCompareExchange
ExpandEnvironmentStringsA
Sleep
GetTempFileNameA
GetStringTypeW
WideCharToMultiByte
ResumeThread
LeaveCriticalSection
CreateEventA
GetThreadLocale
SetCurrentDirectoryW
GetTempPathA
GetProcessHeap
CreateEventW
CreateFileMappingA
GetConsoleCP
ExitThread
SetPriorityClass
QueryPerformanceCounter
GlobalHandle
SetEnvironmentVariableA
CreateFileW
HeapSize
IsValidCodePage
VirtualQuery
ExitProcess
GetSystemTime
HeapAlloc
GetCommandLineA
GetVersion
HeapDestroy
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
FatalAppExitA
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
MultiByteToWideChar

Exports

Exports

afuyfjsazu

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ad28673ca5eacf6d7b5442874c1c5a2

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 55KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 55KB

.reloc
Size: 12KB - Virtual size: 8KB