c8048204663024db5ddb1360bf0bdb5e75b5810892b9c536efdf962650ace3f4

General

Target

c8048204663024db5ddb1360bf0bdb5e75b5810892b9c536efdf962650ace3f4
Size

212KB
MD5

9755a8be0d85a53e1c67df028e21345e
SHA1

2210792ed12075b27fd16d5965ba769781411b9b
SHA256

c8048204663024db5ddb1360bf0bdb5e75b5810892b9c536efdf962650ace3f4
SHA512

06e6e8c4d0ead919a9564787d16ebcd1ba38d525c1e64399f27efa254ec61f698d70f3dd73c76ddb83348ddc63c31022647cbd74f1fb604b9e9368d5bc364f77
SSDEEP

3072:8gTTR3k7GoISRFRgKj8aRMAQyJi1RcOKHYEZmSsyhfPh/Qt8h7VNFhENhj:8KTN0rRHg1abDwpKbmOZPFQkPoT

Score

N/A

Malware Config

Signatures

Files

c8048204663024db5ddb1360bf0bdb5e75b5810892b9c536efdf962650ace3f4
.dll windows x86

98df260cdf3c1bdd8d11f6f62daaaad7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetStartupInfoA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
CopyFileA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
SetFilePointer
HeapAlloc
GetCPInfo
RtlUnwind
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
FlushFileBuffers
CloseHandle
DeleteFileA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
RegDeleteKeyA

Exports

Exports

KmInstallReg
UninstInitialize
UninstUnInitialize

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98df260cdf3c1bdd8d11f6f62daaaad7

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 176KB - Virtual size: 181KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 176KB - Virtual size: 181KB

.reloc
Size: 4KB - Virtual size: 3KB