d08538e2b6cc7c7776939f80add1798836057d988a64d9ea866438c432af7ddb

General

Target

d08538e2b6cc7c7776939f80add1798836057d988a64d9ea866438c432af7ddb
Size

156KB
MD5

a4973207cc1a65e481b2846533139d3a
SHA1

b614ef30736a70eeb7a8c2f51ffcd3108ead2931
SHA256

d08538e2b6cc7c7776939f80add1798836057d988a64d9ea866438c432af7ddb
SHA512

48b4ef3567f5d64031e9c6caea499999c89cad7952fff2b86e4f7eda28f6fc643ef2589e2da855c36e4fdf1088cefe951aded6009d2220282e0f68086a3a673c
SSDEEP

3072:v74QXkcCJxxQOhE58gijL6BLogSvchAl5jFJ7j5S8AP+oQ98hEDQ/sV:DI+eKn3Av55FJ79AGP98hEE0V

Score

N/A

Malware Config

Signatures

Files

d08538e2b6cc7c7776939f80add1798836057d988a64d9ea866438c432af7ddb
.dll windows x86

9f8014414d43866745a1e89fbbc6eba2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetThreadContext
GetThreadPriority
InterlockedDecrement
InterlockedExchangeAdd
LoadLibraryA
OpenProcess
QueryInformationJobObject
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
VirtualProtect
WaitForMultipleObjects
WaitForSingleObject

shell32

SHGetFolderPathW
SHFormatDrive

wsock32

WSASetLastError
WSAGetLastError

msvcrt

__dllonexit
_adjust_fdiv
_beginthreadex
_endthreadex
_errno
_ftime
_initterm
_onexit
_setjmp3
_wcreat
calloc
exit
free
longjmp
malloc

Exports

Exports

DeleteContext
ExecuteSql
GetBuffers
IVoidPtrList_CreateInstance
Init
UnlocStrEqNW

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f8014414d43866745a1e89fbbc6eba2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

wsock32

msvcrt

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 87KB - Virtual size: 86KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 87KB - Virtual size: 86KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 6KB - Virtual size: 5KB