1518534c4dac7738de37ade6613fd824ceb73645842e9048b98548b5dc7d6c29

Sharing

Copy URL Twitter E-mail

General

Target

1518534c4dac7738de37ade6613fd824ceb73645842e9048b98548b5dc7d6c29
Size

144KB
MD5

3d6018ee3b188a2f14244d75cf40e43f
SHA1

d7ce8f498f045857fedd52f25387b281f712c2d1
SHA256

1518534c4dac7738de37ade6613fd824ceb73645842e9048b98548b5dc7d6c29
SHA512

e87fd80bbcb91ed3a13f486956d3991bacd6ba04c37abad9f9ae2b1ce314ed6b4945d52f26492fbf4755ac340e635693e2d5b5d9de3e956fa193c3895896cf68
SSDEEP

3072:+i1LW9s6PGlH4f5lDl5QEH8rKcubyVWCwqUtqqJS8:f1zN+5lDly0YQbxjqqJ

Score

N/A

Malware Config

Signatures

Files

1518534c4dac7738de37ade6613fd824ceb73645842e9048b98548b5dc7d6c29
.dll windows x86

0c1e62b598605327dfa8799d77879368

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
FreeLibrary
LocalFree
CloseHandle
ExpandEnvironmentStringsW
WideCharToMultiByte
LocalAlloc
GetProcAddress
LoadLibraryA
FindClose
FindNextFileA
InterlockedExchangeAdd
FindFirstFileA
InterlockedDecrement
RemoveDirectoryA
DeleteFileA
FileTimeToSystemTime
CompareFileTime
WriteFile
IsDBCSLeadByte
MoveFileExA
SetFileAttributesA
LeaveCriticalSection
GetOverlappedResult
GetLastError
ReadFile
CreateFileA
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentThread
TryEnterCriticalSection
FormatMessageW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetLocalTime
InterlockedIncrement
CompareStringW
GetModuleHandleW
lstrcmpiW
lstrcmpW
OutputDebugStringA
EnterCriticalSection
VirtualProtect
GlobalFree
GetCommandLineA
SetFileTime
GlobalAlloc

user32

CharUpperW
CharPrevExA

advapi32

IsValidSecurityDescriptor
GetSecurityDescriptorLength
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegSetValueExW

ole32

CoUninitialize

msvcr71

iswctype
__dllonexit
__CppXcptFilter
_adjust_fdiv
_except_handler3
strchr
wcslen
wcscpy
_wcsicmp
memcpy
time
_amsg_exit
_initterm
free
memset
_onexit
iswspace
towupper
towlower
_callnewh
_CxxThrowException
malloc
_vsnwprintf
_errno
_wtoi
__CxxFrameHandler

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c1e62b598605327dfa8799d77879368

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcr71

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB