ca9facfea91ce11cfcbc685f0818040d0790a8f1c790b80bfbaff8bbb8b138d6

General

Target

ca9facfea91ce11cfcbc685f0818040d0790a8f1c790b80bfbaff8bbb8b138d6
Size

42KB
MD5

6420a66b766bde9eefc7799e40b9dfc6
SHA1

280a7c3fca0ec5e513c5fac39c8a7c7b1cebbb16
SHA256

ca9facfea91ce11cfcbc685f0818040d0790a8f1c790b80bfbaff8bbb8b138d6
SHA512

a6d588fe20bc2e806559e1fc303ddc14c9d85bd54b4e15b42a1a5a3c2e1216220676af1f24b82a0d50a6bd6f99f34631e9bf957629de8abd50936a8451537844
SSDEEP

768:BjtNDSAoTZyDU9x0o9P388xG/SHR+j6CRNgxypxAhXJGMe:XIAoTZyQAopxx4Sx+2CRNHwXJG

Score

N/A

Malware Config

Signatures

Files

ca9facfea91ce11cfcbc685f0818040d0790a8f1c790b80bfbaff8bbb8b138d6
.dll windows x86

92261131747aa3df1b5d13720a6d93b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
VirtualFree
MultiByteToWideChar
TlsAlloc
TerminateProcess
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapAlloc
lstrcmpiA
GetProcessHeap
GetVersion
GetStringTypeW
GetStringTypeA
LCMapStringW
GetCurrentProcess
GetModuleHandleA
GetCommandLineA
HeapDestroy
HeapCreate
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapReAlloc
TlsSetValue
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
LCMapStringA
RtlUnwind

user32

MessageBoxA

advapi32

RegDeleteValueW

Exports

Exports

GetDeviceIOCtl
OpenZipFileA

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92261131747aa3df1b5d13720a6d93b1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 6KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 2KB - Virtual size: 1KB