a1d679a9f618a8dd1966a7cdbfc44512518590b4ec56469486a0a5e2987a1e15

Sharing

Copy URL Twitter E-mail

General

Target

a1d679a9f618a8dd1966a7cdbfc44512518590b4ec56469486a0a5e2987a1e15
Size

339KB
MD5

30ff78d7008485a9da80d7c46017ad45
SHA1

007925e1969dfa436356899d997ab264773048f6
SHA256

a1d679a9f618a8dd1966a7cdbfc44512518590b4ec56469486a0a5e2987a1e15
SHA512

e0a4afe4937621cd59932fa1bad2bc2d549f1f1c8a8f842bfcfb3fae5b28712c43558c42a9061e0045249e32afd33527c7cde6961a9cbc655a5c818953e13ef8
SSDEEP

6144:THxnM+1ItBEklm5RGY+2kQoc4j/SOKtC/rC2kS:THxMymEJR6uc7H/rbkS

Score

N/A

Malware Config

Signatures

Files

a1d679a9f618a8dd1966a7cdbfc44512518590b4ec56469486a0a5e2987a1e15
.dll windows x86

785456e8fd2c37c5648205958c213ca8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime
FindResourceA
LoadResource
SizeofResource
FreeResource
LockResource
GetModuleFileNameA

msvcp90

?assign@?$char_traits@D@std@@SAPADPADID@Z
?_Xlen@_String_base@std@@SAXXZ
?assign@?$char_traits@D@std@@SAXAADABD@Z
?find@?$char_traits@D@std@@SAPBDPBDIABD@Z
?_Move_s@?$char_traits@D@std@@SAPADPADIPBDI@Z
?_Copy_s@?$char_traits@D@std@@SAPADPADIPBDI@Z
??0?$allocator@G@std@@QAE@ABV01@@Z
??0?$allocator@G@std@@QAE@XZ
?max_size@?$allocator@D@std@@QBEIXZ
??0?$allocator@D@std@@QAE@ABV01@@Z
??0?$allocator@D@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?length@?$char_traits@D@std@@SAIPBD@Z
?_Xran@_String_base@std@@SAXXZ
?compare@?$char_traits@D@std@@SAHPBD0I@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr90

qsort
printf
?terminate@@YAXXZ
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
__CxxFrameHandler3
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??3@YAXPAX@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
tolower
memmove_s
strcmp
vwprintf_s
_set_invalid_parameter_handler
toupper
sqrt
strstr
memset
_vsnprintf
_mbsstr
memcpy
strchr
vsprintf_s
memmove
sscanf
atoi
strncmp

Exports

Exports

PlugInMain

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

785456e8fd2c37c5648205958c213ca8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp90

msvcr90

Exports

Exports

Sections

.text Size: 182KB - Virtual size: 182KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 63KB - Virtual size: 71KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 34KB - Virtual size: 33KB

.text
Size: 182KB - Virtual size: 182KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 63KB - Virtual size: 71KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 34KB - Virtual size: 33KB