b84042297fd4a534872fe66311870efd1d02a9bfe06fdf3e6a23fcb117931af8

General

Target

b84042297fd4a534872fe66311870efd1d02a9bfe06fdf3e6a23fcb117931af8
Size

560KB
MD5

44992c2cf760f787cd026c3b5960ef30
SHA1

6e11163046c58b5629f37feca20e2d7cbd606799
SHA256

b84042297fd4a534872fe66311870efd1d02a9bfe06fdf3e6a23fcb117931af8
SHA512

b93bee530adfb386c5926aee922df0d05cb41a83057ba95cae1a5d9867a612a132e7c428032fce3508a408c9440d96748242a9f66e824c69ad30b4b3ebe209e1
SSDEEP

12288:7W/MekC+WSwF3w4daLcjTM2LAjIt6+Xju:7RS+h4daL+qiXju

Score

N/A

Malware Config

Signatures

Files

b84042297fd4a534872fe66311870efd1d02a9bfe06fdf3e6a23fcb117931af8
.dll windows x86

cab7a059d58ce363b31925c416e21b44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHAddToRecentDocs
SHGetSpecialFolderLocation
ShellExecuteW
SHGetSettings

ole32

CoUninitialize
CoInitializeEx
CoInitialize
CoCreateInstance

kernel32

WideCharToMultiByte
GetModuleHandleW
InitializeCriticalSection
GetModuleFileNameW
SetConsoleCursorPosition
GetCurrentProcessId
UnhandledExceptionFilter
InterlockedIncrement
CreateFileW
GlobalAlloc
DeleteCriticalSection
WaitForSingleObject
FreeLibrary
GetTickCount
GetLastError
InterlockedCompareExchange
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
SetEvent
ReadFile
GetModuleHandleA
GetVersionExA
InterlockedDecrement
SetUnhandledExceptionFilter
GetCurrentThreadId
LocalFree
GetDateFormatA
CloseHandle
QueryPerformanceCounter
TzSpecificLocalTimeToSystemTime
MultiByteToWideChar
VirtualAlloc
RaiseException

advapi32

RegQueryValueExW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

Exports

Exports

ASTFromString
BadInternalCall
GC_UnTrack
SetItem
get_compression_type
get_valid
init_mmx_flags
vExecTokenA
write_png

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cab7a059d58ce363b31925c416e21b44

Headers

File Characteristics

Imports

shell32

ole32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 124KB - Virtual size: 124KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 124KB - Virtual size: 124KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 8KB - Virtual size: 7KB