d328567e1bd8b8910f0fe07307930b430903600c438ddda627c4b2f8b7a46b5d

Sharing

Copy URL Twitter E-mail

General

Target

d328567e1bd8b8910f0fe07307930b430903600c438ddda627c4b2f8b7a46b5d
Size

84KB
MD5

faaad4f26139b2f505b6afcc5613a2a3
SHA1

fd4b55af586ec50c1b1d884f03dee9e3cca3de54
SHA256

d328567e1bd8b8910f0fe07307930b430903600c438ddda627c4b2f8b7a46b5d
SHA512

504da730c577367625ecb2c949e1ce5c0f779580a197aadd6643a9a12ce301191576de9579914b832d5c4c610afeebfcdf824b6de054a20195158105e5dc2ad3
SSDEEP

1536:s4fH2wrjqfoRBFLaYYbKs1ysVTDiQq6/eki71Hcs:5P7ZrkYMkgmQqmek0

Score

N/A

Malware Config

Signatures

Files

d328567e1bd8b8910f0fe07307930b430903600c438ddda627c4b2f8b7a46b5d
.dll windows x86

8652cba0d0601c3aad937ab67bc7ee71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
HeapAlloc
GetProcessHeap
LoadResource
LockResource
SizeofResource
CopyFileW
GetSystemWindowsDirectoryW
QueryPerformanceCounter
GetTempFileNameW
CreateFileW
InitializeCriticalSectionAndSpinCount
DebugBreak
HeapSize
HeapReAlloc
HeapDestroy
OpenEventW
FindResourceExW
FindResourceW
SetLastError
GetLastError
SetEvent
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
Sleep
UnregisterWait
GetVersion
GetCurrentThread
CreateFileMappingA
MapViewOfFile
GetSystemInfo
IsBadReadPtr
VirtualAlloc
UnmapViewOfFile
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
lstrlenW
RaiseException
GetVersionExA
GetModuleFileNameW
lstrcmpW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
InterlockedIncrement
DeleteFileW
LocalFree
CreateDirectoryW
CreateThread
WaitForMultipleObjects
GetExitCodeThread
WaitForSingleObject
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
CreateFileA
DeviceIoControl
FreeLibrary
ChangeTimerQueueTimer
DeleteTimerQueueTimer
CreateTimerQueueTimer
DeleteTimerQueueEx
CreateTimerQueue
QueueUserWorkItem
InterlockedCompareExchange
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
CreateEventW
InterlockedDecrement
GetProfileStringA
OutputDebugStringA

rpcrt4

RpcStringBindingParseW
RpcBindingVectorFree
RpcBindingToStringBindingW
RpcEpUnregister
RpcEpRegisterW
RpcServerListen
RpcServerRegisterIfEx
RpcServerRegisterAuthInfoW
RpcServerInqDefaultPrincNameW
RpcImpersonateClient
RpcRevertToSelfEx
UuidFromStringW
NdrAsyncServerCall
NdrServerCall2
RpcStringFreeW
RpcServerInqBindings
RpcServerUseProtseqW
RpcAsyncCompleteCall
UuidCreate
UuidToStringW
RpcMgmtStopServerListening
RpcAsyncAbortCall

Exports

Exports

_RIQSNRGQ@0

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8652cba0d0601c3aad937ab67bc7ee71

Headers

File Characteristics

Imports

kernel32

rpcrt4

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 40KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 792B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 40KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 792B

.reloc
Size: 4KB - Virtual size: 1KB