87518509ee677f3f12d2ec3073bdbbd70a743650a06f4effaa44d39a985c8000

Sharing

Copy URL Twitter E-mail

General

Target

87518509ee677f3f12d2ec3073bdbbd70a743650a06f4effaa44d39a985c8000
Size

604KB
MD5

e846d3e572e6c229f14a1e268a01b77b
SHA1

6b6da020cbc5fdab8f0417c25a651a393e19bfdd
SHA256

87518509ee677f3f12d2ec3073bdbbd70a743650a06f4effaa44d39a985c8000
SHA512

b83f28e6510b3a3c3c37f6f42affe48c97c70ed006578ca101d521a81f76553780a2b5892b694a12dd2f2cb102aa00fdc95e35774dbbe238abde08af632dc34f
SSDEEP

12288:fCxb45EuYQWOd+Cm6vCfeA5mEpzR2jqiHm760CW7Kys6k:aV8EhQt+Tf9mEzu4CW7KEk

Score

N/A

Malware Config

Signatures

Files

87518509ee677f3f12d2ec3073bdbbd70a743650a06f4effaa44d39a985c8000
.dll windows x86

6b1ec8d1e91d4ad46a740533d809e28c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextW

kernel32

GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
FreeEnvironmentStringsW
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadResource
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
RtlUnwind
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadLocale
SizeofResource
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrcmpiW
lstrlenW
FreeEnvironmentStringsA
FlushFileBuffers
FindResourceW
ExitProcess
EnterCriticalSection
CreateFileA
CloseHandle
HeapSize

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
PropVariantClear

oleaut32

SysFreeString
SysStringLen
UnRegisterTypeLi
VarUI4FromStr
SysAllocString
RegisterTypeLi
LoadTypeLi

advapi32

RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegCloseKey

Exports

Exports

Int_FromUnicode
ReloadModule
get_pCAL
set_flush
write_rows

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b1ec8d1e91d4ad46a740533d809e28c

Headers

File Characteristics

Imports

user32

kernel32

ole32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 349KB - Virtual size: 348KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 349KB - Virtual size: 348KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 6KB - Virtual size: 5KB