f4758d4135a2474d0228117dbb48cd6c6b30846101b80b1796daa47a0cfd067a

Sharing

Copy URL Twitter E-mail

General

Target

f4758d4135a2474d0228117dbb48cd6c6b30846101b80b1796daa47a0cfd067a
Size

362KB
MD5

38ecd5f5053e60639541f2e6faf4416b
SHA1

389ca8ce0920818f2a61c80ebe7526c2cd870a5d
SHA256

f4758d4135a2474d0228117dbb48cd6c6b30846101b80b1796daa47a0cfd067a
SHA512

0b436e01861cf3612e0b321ab32a0f172fb26cb969fd1a178ffc39789e1ae1fbc2c32c90210116239bba42e9c2f58c61ed2d139acbda093956f4f9be1c5f9f3f
SSDEEP

6144:IleGhtaG3JO9mVqSVnwBZhpVTTSZDbKW2EiK0/d68wDRxr4qnUtE:ITtvGdppSZDbKWYK0fIxrrh

Score

N/A

Malware Config

Signatures

Files

f4758d4135a2474d0228117dbb48cd6c6b30846101b80b1796daa47a0cfd067a
.dll windows x86

7004d3da6d0d5b1383f6d4c4df6e63ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

tolower
strstr
strrchr
strncmp
strchr
srand
realloc
rand
printf
memset
memcpy
malloc
isspace
isdigit
getenv
fseek
free
fprintf
fopen
fclose
exit
atoi
_wstati64
_wstat
_stricmp
_msize
_mbsnbcat
_ismbcalpha
_ismbblead
_iob
_initterm
_getch
_errno
_controlfp
_cexit
_amsg_exit
__setusermatherr
__p__commode
__getmainargs
_XcptFilter
_CIpow
_CIexp

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

dbghelp

SymRegisterCallback64
SymCleanup
MakeSureDirectoryPathExists
SymSetOptions
SymSetSearchPath
SymFindFileInPath
SymInitialize

kernel32

UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TerminateProcess
SetUnhandledExceptionFilter
SetPriorityClass
SetLastError
SetFilePointer
SetFileAttributesA
SetErrorMode
SetEndOfFile
SetCurrentDirectoryA
SetCommTimeouts
RtlUnwind
RequestDeviceWakeup
RemoveDirectoryA
ReadFile
QueryPerformanceCounter
OutputDebugStringA
OpenProcess
MulDiv
VirtualAlloc
LocalAlloc
LoadLibraryA
IsDBCSLeadByteEx
InterlockedExchange
InterlockedCompareExchange
HeapFree
HeapAlloc
GetTickCount
GetTempPathA
GetTempFileNameA
GetTapeParameters
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionA
GetModuleHandleA
GetFullPathNameA
GetFileSize
GetFileInformationByHandle
WriteFile
_hread
MapViewOfFile
CreateFileMappingA
GetFileAttributesExA
GetFileAttributesA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCommModemStatus
FreeLibrary
CancelIo
CloseHandle
CopyFileA
CreateFileA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindFirstFileExA
FindNextFileA
FlushViewOfFile

Exports

Exports

CreateAdapterConfigurationPort
CreateSphere
CreateVolumeTextureFromFileA
FrameFind
GetLDAPTypeName
GetRTFOptions
PlaneIntersectLine
Vec3TransformArray

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7004d3da6d0d5b1383f6d4c4df6e63ec

Headers

File Characteristics

Imports

msvcrt

version

advapi32

dbghelp

kernel32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 167KB - Virtual size: 167KB

.data Size: 68KB - Virtual size: 69KB

.rsrc Size: 46KB - Virtual size: 45KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 167KB - Virtual size: 167KB

.data
Size: 68KB - Virtual size: 69KB

.rsrc
Size: 46KB - Virtual size: 45KB

.reloc
Size: 4KB - Virtual size: 4KB