b35d05080d21d02c39dfe36f39bf0071a2ae1a45f0e9b3d91d8d8165ab7be282

Sharing

Copy URL Twitter E-mail

General

Target

b35d05080d21d02c39dfe36f39bf0071a2ae1a45f0e9b3d91d8d8165ab7be282
Size

355KB
MD5

ac084d34a274ad2ef0059ad1ed7c0de1
SHA1

ebecd03d1a0b3ab9fc0c92f035c5d75d044665d4
SHA256

b35d05080d21d02c39dfe36f39bf0071a2ae1a45f0e9b3d91d8d8165ab7be282
SHA512

aee039af8fe142623da3ef73c3818f7c3341d72698501c1c7929b37be9067620ff74bfb96ac39624bd60d6dc5c7c1fa1accbd60089fac0453a9abe493372061d
SSDEEP

6144:auA14JrFwxnQ+6hnhqdTEkvqgejnPNDjfnF/cVfuNdfh7dz:awJmxQ+6BAFoj1vF/cZgZZ

Score

N/A

Malware Config

Signatures

Files

b35d05080d21d02c39dfe36f39bf0071a2ae1a45f0e9b3d91d8d8165ab7be282
.dll windows x86

b6362c29253fa96841fbb90c0b850c33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

WriteFile
VirtualAlloc
UnmapViewOfFile
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindFirstFileExA
FindNextFileA
FlushViewOfFile
FreeLibrary
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetFileAttributesExA
GetFileInformationByHandle
GetFileSize
GetFullPathNameA
GetLastError
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
HeapAlloc
HeapFree
InterlockedCompareExchange
InterlockedExchange
LoadLibraryA
LocalAlloc
LocalFree
MapViewOfFile
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
ReadFile
RemoveDirectoryA
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetFileAttributesA
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter

dbghelp

MakeSureDirectoryPathExists
SymCleanup
SymFindFileInPath
SymInitialize
SymRegisterCallback64
SymSetOptions
SymSetSearchPath

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_controlfp
_errno
_exit
_initterm
_iob
_ismbblead
_msize
_stricmp
_vsnprintf
atoi
exit
fclose
fgets
fopen
fprintf
free
fseek
getenv
isdigit
isspace
malloc
memcpy
memset
printf
puts
rand
realloc
srand
strchr
strncmp
strrchr
strstr
time
tolower

Exports

Exports

CaptureStop
ConcatenateMeshes
GetDefaultJ2KOptions
GetNextRow
PlaneNormalize
SetJ2KOptions

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6362c29253fa96841fbb90c0b850c33

Headers

File Characteristics

Imports

advapi32

version

kernel32

dbghelp

msvcrt

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 164KB - Virtual size: 163KB

.data Size: 68KB - Virtual size: 70KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 164KB - Virtual size: 163KB

.data
Size: 68KB - Virtual size: 70KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 4KB - Virtual size: 3KB