f711dd8de8d24dbb9ea8666aaede5c28487c67d12464ba32aac5924e25d59422

Sharing

Copy URL

Twitter E-mail

General

Target

f711dd8de8d24dbb9ea8666aaede5c28487c67d12464ba32aac5924e25d59422
Size

204KB
MD5

d7d15b492b172ba746de9d2a6b6da390
SHA1

901b398039273889aa4245e0f0f0781de680fc8c
SHA256

f711dd8de8d24dbb9ea8666aaede5c28487c67d12464ba32aac5924e25d59422
SHA512

b81b6f4d58ee9c5bfec0684f799a356ea7a1017af3250164733ba56084b4ff8d75880999eb13e27a88691d7b8298a87f7f4c6e50ea5e57e027a8dc48894acf9d
SSDEEP

6144:WJXgFKd6Yn4iA6v97m4dFOts6Jh1LdG2e:S4ydFoFdG2

Score

N/A

Malware Config

Signatures

Files

f711dd8de8d24dbb9ea8666aaede5c28487c67d12464ba32aac5924e25d59422
.dll windows x86

d34323fba0f59c9f231c885ff1daa257

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord859
ord5462
ord2912
ord1989
ord2800
ord964
ord6313
ord4177
ord6388
ord5444
ord3313
ord6006
ord5774
ord2598
ord5188
ord3178
ord3171
ord3506
ord3719
ord798
ord5852
ord533
ord536
ord6403
ord1560
ord268
ord5461
ord2813
ord940
ord3806
ord5706
ord925
ord2756
ord922
ord927
ord2810
ord537
ord942
ord535
ord1179
ord823
ord342
ord540
ord861
ord5679
ord4124
ord858
ord800
ord538
ord1248
ord825
ord3175
ord1165

msvcrt

_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
_onexit
__dllonexit
_ltow
wcscmp
__CxxFrameHandler
wcscpy

kernel32

FormatMessageW
GetLastError
GlobalFree
GlobalUnlock
GlobalLock
GetCurrentDirectoryW
GetVersionExW
CreateFileW
CloseHandle
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
SetEnvironmentVariableW
GlobalAlloc
SetCurrentDirectoryW

user32

wvsprintfW

advapi32

RegFlushKey
RegCreateKeyW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegOpenKeyW

ole32

CoInitializeEx
CoInitializeSecurity
CoUninitialize

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

vssapi

ord6
?CreateVssBackupComponents@@YGJPAPAVIVssBackupComponents@@@Z

Exports

Exports

PCA_VSS_Close
PCA_VSS_Open
PCA_VSS_Open_Drive

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d34323fba0f59c9f231c885ff1daa257

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

user32

advapi32

ole32

version

vssapi

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 168KB - Virtual size: 166KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 168KB - Virtual size: 166KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB