71f41c7a5e28df8a7c4a20137c036b4113a56e238437b7bdfdc97a6a2d2982bb

Sharing

Copy URL Twitter E-mail

General

Target

71f41c7a5e28df8a7c4a20137c036b4113a56e238437b7bdfdc97a6a2d2982bb
Size

604KB
MD5

3860785a0c0d58e30de755a9e9d7b692
SHA1

c56a711abea48ecffc12bc98743cbf5f172c35a1
SHA256

71f41c7a5e28df8a7c4a20137c036b4113a56e238437b7bdfdc97a6a2d2982bb
SHA512

60def211260a58973d36fae6e2b18d17cfa9d243baa4ce12b258c9b1ede0de6ef7e72b9f222d97e1dfbb4d14d35eee934089c058c4e3fb89777c4988357cac63
SSDEEP

12288:J1is07sVxxWp+YC/yw6z4Fx2cwQwOu97iia3oO08+fs9y9:Ss07sVxS+YCKwQQXtwOu97iiNOEx

Score

N/A

Malware Config

Signatures

Files

71f41c7a5e28df8a7c4a20137c036b4113a56e238437b7bdfdc97a6a2d2982bb
.dll windows x86

a88038e5445a5b48a2711fe4774c629b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

quickhash

ord606
ord604
ord605
ord603
ord602
ord601
ord55
ord52
ord51

kernel32

GetConsoleCP
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetTimeZoneInformation
GetLocaleInfoW
CreateFileW
CreateFileA
ReadFile
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
HeapValidate
IsBadReadPtr
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
ExitProcess
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
DebugBreak
lstrlenA
LoadLibraryA
FatalAppExitA
WriteFile
GetConsoleMode
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
FlushFileBuffers
CloseHandle
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
SetConsoleCtrlHandler
LoadLibraryW
GetModuleFileNameA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeLibrary
GetTimeFormatA
GetDateFormatA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
VirtualQuery
SetStdHandle
WriteConsoleA
GetConsoleOutputCP

Exports

Exports

Encrypt

Sections

.textbss
Size: - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 476KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a88038e5445a5b48a2711fe4774c629b

Headers

File Characteristics

Imports

quickhash

kernel32

Exports

Exports

Sections

.textbss Size: - Virtual size: 222KB

.text Size: 476KB - Virtual size: 473KB

.rdata Size: 84KB - Virtual size: 80KB

.data Size: 8KB - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 24KB - Virtual size: 20KB

.textbss
Size: - Virtual size: 222KB

.text
Size: 476KB - Virtual size: 473KB

.rdata
Size: 84KB - Virtual size: 80KB

.data
Size: 8KB - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 24KB - Virtual size: 20KB