80af305d6028b25ef058fbf67e6217aa01345555f962c59f71a88ccbab3258fd

Sharing

Copy URL

Twitter E-mail

General

Target

80af305d6028b25ef058fbf67e6217aa01345555f962c59f71a88ccbab3258fd
Size

375KB
MD5

9a3833a877cd418e0539986d45264b0d
SHA1

3e4dec297cf312a78748ce3cef64d80e464e5f0e
SHA256

80af305d6028b25ef058fbf67e6217aa01345555f962c59f71a88ccbab3258fd
SHA512

4b0bf79bd10580cb796a860017fd0291711ec17796fc066c2518a4be1469f3cb5ac04041058aefc1e3e9eb8d5364dad4ff01066164679e12a547608ae81c93e4
SSDEEP

6144:v3iMAERTywT4M5iRp5+5JLgqT/FofwpikwMwWAOGgUru+gMj+:v3iMAEgaH5i2gqrFWAijMwW0gUrK

Score

N/A

Malware Config

Signatures

Files

80af305d6028b25ef058fbf67e6217aa01345555f962c59f71a88ccbab3258fd
.dll windows x86

8cc266131cbfc5d35ec967d49bfce7d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
IsBadReadPtr
GetTickCount
ExitProcess
VirtualProtect
Sleep
GetComputerNameA
GetModuleFileNameA
VirtualQuery
HeapAlloc
GetProcessHeap
FlushInstructionCache
CreateThread
GetVolumeInformationA
FlushFileBuffers
GetLocaleInfoW
ReadFile
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetSystemInfo
VirtualAlloc
InitializeCriticalSection
IsBadCodePtr
IsBadWritePtr
SetUnhandledExceptionFilter
InterlockedExchange
SetFilePointer
GetOEMCP
GetACP
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TerminateProcess
GetCurrentProcess
RaiseException
LoadLibraryA
DebugBreak
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
UnhandledExceptionFilter
WriteFile
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle
FreeLibrary

user32

GetAsyncKeyState

advapi32

GetUserNameA

shell32

ShellExecuteA

tier0

Error
Msg
?GetSubNode@CVProfNode@@QAEPAV1@PBDH0H@Z
?EnterScope@CVProfNode@@QAEXXZ
?ExitScope@CVProfNode@@QAE_NXZ
g_VProfCurrentProfile
GetCPUInformation
g_pMemAlloc

vstdlib

RandomSeed
Q_strcasecmp
Q_strncpy
Q_snprintf
RandomFloat
KeyValuesSystem
Q_strnicmp

Sections

.text
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cc266131cbfc5d35ec967d49bfce7d7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

tier0

vstdlib

Sections

.text Size: 275KB - Virtual size: 275KB

.rdata Size: 61KB - Virtual size: 61KB

.data Size: 13KB - Virtual size: 252KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 275KB - Virtual size: 275KB

.rdata
Size: 61KB - Virtual size: 61KB

.data
Size: 13KB - Virtual size: 252KB

.reloc
Size: 24KB - Virtual size: 23KB