37cd6b044d9540b2ef4ee0e1ff1ee0c38180afab862c6fe231b05e23a5c5ab24

Sharing

Copy URL Twitter E-mail

General

Target

37cd6b044d9540b2ef4ee0e1ff1ee0c38180afab862c6fe231b05e23a5c5ab24
Size

108KB
MD5

ba5082d03b3835609ba67bc2db027910
SHA1

c195dab01a96156d515f31f5365bc9ff95e353f4
SHA256

37cd6b044d9540b2ef4ee0e1ff1ee0c38180afab862c6fe231b05e23a5c5ab24
SHA512

1abd41533e0ddd6cd1b5eb2293864a92cb1ee7a34211f58687a9f6571845b65e50f75adbaf413e989e60ac47726747ad2e894c4f58047bec9663213c85d80790
SSDEEP

3072:OaIUZaJGQ1wrQofZygvxH8ahZ0+oszn/C6i:O7gGG6mkgvxH8cZXvzn/

Score

N/A

Malware Config

Signatures

Files

37cd6b044d9540b2ef4ee0e1ff1ee0c38180afab862c6fe231b05e23a5c5ab24
.dll windows x86

fa4afdc1ac66ce722971837e33a075e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
RegQueryInfoKeyW
AllocateAndInitializeSid
RegSetValueExW
RegQueryValueW

version

VerQueryValueA
GetFileVersionInfoSizeA

kernel32

RtlUnwind
GetStringTypeW
GetStringTypeA
IsValidLocale
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetHandleInformation
VirtualAlloc
EnumSystemLocalesA
lstrcmpA
GetCurrentThread
CompareStringW
GlobalUnlock
lstrlenW
GetFileType
SetStdHandle
GetTempPathW
HeapReAlloc
SetCurrentDirectoryW
Sleep
GetModuleFileNameA
FindResourceExW
LoadLibraryExW
DeleteCriticalSection
InterlockedExchange
GetStartupInfoW
ExpandEnvironmentStringsA
GetSystemInfo
LeaveCriticalSection
CreateFileW
FindResourceA
HeapSize
SetEnvironmentVariableA
GetConsoleCP
FormatMessageA
SuspendThread
CreateEventW
InterlockedIncrement
GlobalLock
CreateMutexW
CloseHandle
VirtualFree
RaiseException
lstrcpyW
GetFileSize
FileTimeToLocalFileTime
SetFilePointer
GetLastError
lstrcpynW
GetCurrentDirectoryA
GetACP
ReadFile
ExitProcess
GetSystemTime
HeapAlloc
GetCommandLineA
GetVersion
EnterCriticalSection
InitializeCriticalSection
HeapDestroy
HeapCreate
HeapFree
FatalAppExitA
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetOEMCP
FlushFileBuffers
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW

Exports

Exports

Lehzytqmzaj

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa4afdc1ac66ce722971837e33a075e9

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 55KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 55KB

.reloc
Size: 8KB - Virtual size: 4KB