53f83a51398631489baf3656f1763f09b181af8fb97f3d3af46884d8b9bf57ec

Sharing

Copy URL Twitter E-mail

General

Target

53f83a51398631489baf3656f1763f09b181af8fb97f3d3af46884d8b9bf57ec
Size

584KB
MD5

65b6d121c36e024daf0043bfec1ab620
SHA1

90079791aad33a62eec5cd6a22327d6cb67c2477
SHA256

53f83a51398631489baf3656f1763f09b181af8fb97f3d3af46884d8b9bf57ec
SHA512

f59d38ae1fab1bf9ce3594b96d316dc271545de5025fb8651677ab93dbf1a6a0114efe16ecc6fe3ce385bff25558ee4b1560a4a94f00362ead6737e4eb3a824b
SSDEEP

12288:hlGB9A/n/sub6K3R/9duP2BeXoWtkqxp:hkAnkubV/Ur4Wtvx

Score

N/A

Malware Config

Signatures

Files

53f83a51398631489baf3656f1763f09b181af8fb97f3d3af46884d8b9bf57ec
.dll windows x86

c16c54ae1767a3ad77e6c524af9084ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarUI4FromStr
LoadTypeLi
SysStringLen
SysFreeString
UnRegisterTypeLi
RegisterTypeLi
SysAllocString

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoInitializeEx
CoInitialize
CoUninitialize

kernel32

lstrcmpiW
GetThreadLocale
CreateFileW
ReleaseMutex
QueryPerformanceCounter
DeviceIoControl
GlobalFree
DeleteCriticalSection
InterlockedIncrement
LocalAlloc
CreateEventW
CreateMutexW
WideCharToMultiByte
LoadResource
EnterCriticalSection
RaiseException
InterlockedDecrement
GlobalAlloc
InterlockedExchange
CloseHandle
GetCurrentThreadId
lstrlenW
ReadFile
GetLastError
WaitForMultipleObjects
Sleep
GetModuleHandleA
ResetEvent
GetModuleFileNameW
GetCurrentProcessId
InterlockedCompareExchange
SetEvent
LeaveCriticalSection
GetVersionExA
TerminateProcess
VirtualAlloc
CreateWaitableTimerW
GetModuleHandleW
FreeLibrary
MultiByteToWideChar
GetDateFormatA
GetTickCount
GetExitCodeThread
WaitForSingleObject
GetSystemTimeAsFileTime
LocalFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSection

Exports

Exports

EvalCode
HasKeyString
RuntimeError
SetFromErrno
start_read_image

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c16c54ae1767a3ad77e6c524af9084ce

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 88KB - Virtual size: 86KB

.data Size: 152KB - Virtual size: 152KB

.rsrc Size: 164KB - Virtual size: 162KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 88KB - Virtual size: 86KB

.data
Size: 152KB - Virtual size: 152KB

.rsrc
Size: 164KB - Virtual size: 162KB

.reloc
Size: 8KB - Virtual size: 7KB