c3b470717bb1a5486d46a4e27d2c8dadc40ce89b9092689dc9c4e94ba724de72

Sharing

Copy URL Twitter E-mail

General

Target

c3b470717bb1a5486d46a4e27d2c8dadc40ce89b9092689dc9c4e94ba724de72
Size

564KB
MD5

2e62510d9b42758f8d6749d2aa72ed80
SHA1

e58c5d41eb4553096d6e53a16a200191d494ab30
SHA256

c3b470717bb1a5486d46a4e27d2c8dadc40ce89b9092689dc9c4e94ba724de72
SHA512

e57441346a12d85fe524739d7fecec162dfd20563fcf51698f6a56482b5e5b8460ce44a8b7a81c8b658988cb67040fb67287cb55d1a97f887f631ceee25ef092
SSDEEP

12288:g+1cQIFuVow85gCZ3Wi0irzf82xoSdTDf2Csr3tdzf:3pIFuertK+qc32jdzf

Score

N/A

Malware Config

Signatures

Files

c3b470717bb1a5486d46a4e27d2c8dadc40ce89b9092689dc9c4e94ba724de72
.dll windows x86

cc3070477410841941ad373ced5258f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString
UnRegisterTypeLi
SysStringLen
LoadTypeLi
RegisterTypeLi

shell32

ShellExecuteW

kernel32

InitializeCriticalSection
InterlockedCompareExchange
MultiByteToWideChar
SetEvent
GetModuleHandleW
DeviceIoControl
lstrcmpiW
LeaveCriticalSection
VirtualAlloc
EnterCriticalSection
WideCharToMultiByte
lstrlenW
GlobalAlloc
GlobalFree
RaiseException
DeleteCriticalSection
InterlockedExchange
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
CloseHandle
CreateMutexW
LoadResource
SetUnhandledExceptionFilter
GetCurrentThreadId
WaitForSingleObject
Sleep
LocalAlloc
GetModuleHandleA
LocalFree
UnhandledExceptionFilter
GetTickCount
TerminateProcess
GetDateFormatA
GetSystemTimeAsFileTime
FreeLibrary
ReadFile
GetVersionExA
CreateFileW
InterlockedIncrement
GetLastError
GetModuleFileNameW

advapi32

RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegQueryValueExW

ole32

CoTaskMemAlloc
CoInitializeEx
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemRealloc

Exports

Exports

AppendInittab
Int_FromSsize_t
Number_Divmod
Number_Lshift
write_init_3

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc3070477410841941ad373ced5258f9

Headers

File Characteristics

Imports

oleaut32

shell32

kernel32

advapi32

ole32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 164KB - Virtual size: 160KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 164KB - Virtual size: 160KB

.reloc
Size: 8KB - Virtual size: 7KB