b01b1500c8a1b48b903c4667c5a5b97564d8774656491e15771f2708d18d71b5

Sharing

Copy URL

Twitter E-mail

General

Target

b01b1500c8a1b48b903c4667c5a5b97564d8774656491e15771f2708d18d71b5
Size

411KB
MD5

e4a1e1ac96bc1ba61c85f354d9f8655b
SHA1

8db67d0a329a52c78eabaaf5885c9509565783f1
SHA256

b01b1500c8a1b48b903c4667c5a5b97564d8774656491e15771f2708d18d71b5
SHA512

5e00c51d001cdadb004bb244ac5053013696360097b93f7468bb51bc4c73971d79df34992269de8983803f2b98935534d85cd96469f8a457e172c055a3cd9b58
SSDEEP

6144:KDmNdIhxjqhycqyN6Y7Gem+7F+3bIDE2L41fua0Jqb7bdO/8:qmN+hx24c/Vyv+4SCury7bdOE

Score

N/A

Malware Config

Signatures

Files

b01b1500c8a1b48b903c4667c5a5b97564d8774656491e15771f2708d18d71b5
.dll windows x86

01bee9fa49c61ea0952f17952424a22d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_unlock
_CIasin
tolower
raise
qsort
memset
memmove
memcpy
mbstowcs
malloc
iswspace
iswpunct
iswdigit
iswalpha
free
floor
_wspawnvp
_vsnwprintf
_vsnprintf
_CIacos
_stricmp
_purecall
_onexit
_mbsnccnt
_lock
_isnan
_finite
_controlfp
_amsg_exit
__dllonexit
_XcptFilter
_CxxThrowException
_CIsqrt
_CIsin
_CIcos
_CIatan2
_CIatan

ole32

CreateStreamOnHGlobal

gdi32

TranslateCharsetInfo
SetTextColor
SetTextAlign
SetBkMode
SetBkColor
MoveToEx
GetTextMetricsW
GetTextMetricsA
GetObjectW
GetObjectA
GetGlyphOutlineA
GetFontLanguageInfo
GetCharacterPlacementW
GetCharacterPlacementA
ExtTextOutW
ExtTextOutA
DeleteObject
CreateFontIndirectA
CreateDIBSection
SetMapMode

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
LsaEnumerateAccounts

kernel32

GetProcessAffinityMask
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFullPathNameW
GetFileSizeEx
GetProcessPriorityBoost
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineA
FindResourceW
FindResourceA
ExitProcess
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LockResource
MultiByteToWideChar
OutputDebugStringA
Process32Next
QueryPerformanceCounter
ReadFile
ReleaseMutex
SetFilePointer
SetTapeParameters
SizeofResource
UnhandledExceptionFilter
VirtualAlloc
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
GetFileSize
CreateFileA
CreateMutexA
DebugBreak
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection

Exports

Exports

LoadVolumeFromVolume
MatrixDecompose
SHDot
SHEvalSphericalLight
SchemaIsClassAContainer

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01bee9fa49c61ea0952f17952424a22d

Headers

File Characteristics

Imports

msvcrt

ole32

gdi32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 201KB - Virtual size: 201KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 201KB - Virtual size: 201KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 4KB - Virtual size: 3KB