ac806d9b7ba5c736c908ae971331a90453e9f68ab03b679dcc5646230bbda726

Sharing

Copy URL Twitter E-mail

General

Target

ac806d9b7ba5c736c908ae971331a90453e9f68ab03b679dcc5646230bbda726
Size

104KB
MD5

46048ce8e84ec1f5cb7b28605de3aa4c
SHA1

265477e67f7514d7231a0ad2b4acb9c6d8fd34ca
SHA256

ac806d9b7ba5c736c908ae971331a90453e9f68ab03b679dcc5646230bbda726
SHA512

ceb8db704f982ed5ce4bd19b8ab7087694e30d35b3855e3308b74a543098d26406e35b9b251b3f692513238c683ecc4540da6db6f101432f4d1fdf0235818a99
SSDEEP

1536:r1qZAHSlg0OIdLpATbX7IyE8K+5D6tYG99o6r7/iHzRXsT6vqrsNypkzpP:r1qgAFqrontYG/oi7aHzqT69NyWtP

Score

N/A

Malware Config

Signatures

Files

ac806d9b7ba5c736c908ae971331a90453e9f68ab03b679dcc5646230bbda726
.dll windows x86

c9db927903bfbcbe9ffb913c74ce58b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
LookupAccountSidW
RegDeleteKeyA
RegCloseKey
FreeSid

version

GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoA

kernel32

RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringA
LoadLibraryExW
GetProcessHeap
GetModuleFileNameA
FindResourceW
CreateFileMappingA
InterlockedCompareExchange
Sleep
IsBadWritePtr
GetCurrentProcessId
LCMapStringW
HeapSize
WriteConsoleW
WriteFile
lstrcpynW
CreateDirectoryW
GlobalUnlock
CopyFileW
GetLocalTime
WriteConsoleA
GetACP
GetTimeFormatA
SuspendThread
LoadResource
SetErrorMode
IsValidLocale
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualAlloc
GetHandleInformation
ExitProcess
GetSystemTime
HeapAlloc
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetOEMCP
FlushFileBuffers
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
MultiByteToWideChar

Exports

Exports

NUWBITNCMV

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9db927903bfbcbe9ffb913c74ce58b0

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 48KB - Virtual size: 50KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 48KB - Virtual size: 50KB

.reloc
Size: 8KB - Virtual size: 4KB