2890c3282cd91c22d1542779dc6e928a1237c918639f8f69fa4a81e2881b2dc7

General

Target

2890c3282cd91c22d1542779dc6e928a1237c918639f8f69fa4a81e2881b2dc7
Size

98KB
MD5

6fb16c4efc9f5a5f2b0f1baa6c3166c0
SHA1

b96acbbbfa54512b000873761eae8acd1429344c
SHA256

2890c3282cd91c22d1542779dc6e928a1237c918639f8f69fa4a81e2881b2dc7
SHA512

79e6826bde12ffca81eb0a227e286f928a22ab75e01cd6164921477755b32a130d2e5fb2432ed39dcb56b0edd23dafc747e53249a5c88d6db6edc24209197ede
SSDEEP

1536:wcpBFncca/4fZsgWY5V2KS7D4j0JgiSQB7UGi/25ndBgmQBB:PQcinJSS7DXJgE7UG62lDgmQn

Score

N/A

Malware Config

Signatures

Files

2890c3282cd91c22d1542779dc6e928a1237c918639f8f69fa4a81e2881b2dc7
.dll windows x86

4d61c16f21c3c008f473d0341058df58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadCodePtr
GetLocaleInfoA
GetLastError
GetStdHandle
GetSystemInfo
LeaveCriticalSection
ResetEvent
WaitForSingleObject
GetSystemTimeAsFileTime
WaitForMultipleObjects
InterlockedExchange
OpenProcess
GetModuleFileNameA
GetCurrentProcessId
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateEventA
DuplicateHandle
CreateMutexW
InitializeCriticalSection
RtlUnwind
GetCurrentThreadId
CreateThread
ReleaseMutex
DeleteTimerQueueTimer
HeapFree
DeleteCriticalSection
UnhandledExceptionFilter
GetCPInfo
SetUnhandledExceptionFilter
CreateTimerQueueTimer
lstrcpyW
GetTickCount
UnmapViewOfFile
GetACP
HeapAlloc
InterlockedCompareExchange
GetOEMCP
VirtualProtect
SetEvent
WideCharToMultiByte
ConnectNamedPipe
IsBadReadPtr
VirtualQuery
QueryPerformanceCounter
GetStartupInfoA
InterlockedDecrement
DisconnectNamedPipe
InterlockedExchangeAdd
FreeEnvironmentStringsW
GetEnvironmentStringsW
MultiByteToWideChar
GetFileType
LCMapStringA
LoadLibraryA
GetModuleHandleA
WriteFile
SetLastError
ExitThread
CopyFileA
CreateNamedPipeA
HeapDestroy
Sleep

user32

DrawIcon
CreateIconFromResource
wsprintfW
LoadIconA

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

Exports

Exports

wfhzoexgx

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d61c16f21c3c008f473d0341058df58

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 48KB

.data Size: 35KB - Virtual size: 65KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 1024B - Virtual size: 662B

.text
Size: 49KB - Virtual size: 48KB

.data
Size: 35KB - Virtual size: 65KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 1024B - Virtual size: 662B