c46dba941ce6ec1900e59ae066b945fd6d485f2653a1f45aecea50fa631c5277

Sharing

Copy URL Twitter E-mail

General

Target

c46dba941ce6ec1900e59ae066b945fd6d485f2653a1f45aecea50fa631c5277
Size

64KB
MD5

f8e1433959b727da72b06f86e1cb9c42
SHA1

4f728d1d01f554dde87c25cfc0f666080748a2da
SHA256

c46dba941ce6ec1900e59ae066b945fd6d485f2653a1f45aecea50fa631c5277
SHA512

f1f6b51e638762acf23b09e347f6fe5e82854eea9961ebcf0ef4335af55086284eb14615e9e6d408e841edd63417e11a258d9d8b56875f45b2379acace2d52c5
SSDEEP

1536:KFyArtzLOQ6J0rrehur7kXw1sJhwG0BhzDg:KFyqX4Jmi47ku8d0jDg

Score

N/A

Malware Config

Signatures

Files

c46dba941ce6ec1900e59ae066b945fd6d485f2653a1f45aecea50fa631c5277
.dll windows x86

9d563e2cc4c59ce48e99c142b3bb408d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
LockResource
GetLocaleInfoW
CreateProcessW
GetModuleHandleW
SetFileTime
SetLastError
SearchPathA
SetStdHandle
IsBadHugeWritePtr
RegisterWaitForSingleObjectEx
GetCompressedFileSizeW
HeapValidate
UnlockFileEx
FreeEnvironmentStringsW
LockFileEx
GetVolumeNameForVolumeMountPointW
LocalReAlloc
FormatMessageW
WriteFile
CreateTimerQueueTimer
EnumResourceNamesW
UnregisterWaitEx
DisconnectNamedPipe
FindResourceExW
GetSystemDirectoryW
SetProcessWorkingSetSize
GetStringTypeExA
GetFullPathNameA
PeekConsoleInputA
RtlUnwind
FindFirstFileA
SetLocalTime
CreateWaitableTimerA
IsBadReadPtr
GlobalAlloc
GetAtomNameW
CreateFileMappingA
LeaveCriticalSection
CreateProcessA
HeapFree
GetProcAddress
MoveFileExA
CreateDirectoryA
lstrcatW
CreateThread
lstrlenA
VirtualProtect
lstrcpyW
GetComputerNameA
ReleaseMutex
GetModuleFileNameA
CopyFileA
MapViewOfFile
GetModuleHandleA
VirtualQuery
UnmapViewOfFile
LoadLibraryA
CreateMutexA
lstrlenW
GetSystemTimeAsFileTime
ClearCommError
GetProcessHeap

advapi32

RegCloseKey
RegOpenKeyExA
EnumServicesStatusExW
NotifyBootConfigStatus
RegisterServiceCtrlHandlerExW
RegEnumKeyA
GetServiceDisplayNameW
DuplicateTokenEx
QueryServiceStatus
RegDeleteKeyA
IsTextUnicode
QueryServiceLockStatusW
OpenServiceA
MapGenericMask
RegCreateKeyW
CreateProcessWithLogonW
GetUserNameA

gdi32

PtInRegion
GetTextFaceW
UnrealizeObject
GetGlyphOutlineA
StartDocA
FillPath
CreateCompatibleDC
AddFontResourceA
GetTextMetricsA
ExtCreateRegion
CreateHalftonePalette
EnumEnhMetaFile
GetDIBits
GetWorldTransform
WidenPath
CreateFontA
GetPolyFillMode
ResetDCA
ExtCreatePen
SetDIBits
FlattenPath
GetRegionData

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d563e2cc4c59ce48e99c142b3bb408d

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB