ee6ff723c8402e5e85aab6d84cb5401949ba7ec3fd6d493930ecef4dda0e020d

General

Target

ee6ff723c8402e5e85aab6d84cb5401949ba7ec3fd6d493930ecef4dda0e020d
Size

389KB
MD5

f418f592bec92d6c314bf1b4809b307e
SHA1

9660df31f4dd533cc158f72a5c6b880308587a84
SHA256

ee6ff723c8402e5e85aab6d84cb5401949ba7ec3fd6d493930ecef4dda0e020d
SHA512

d66d7dac8bf19342eea547583c06d9755c75b549a66eb5b7714b8b2726be7e7fd717acca7501a1e3ae64d2ecfd9df2c5c4689644cc8b48aa7a0a211386c4e10a
SSDEEP

6144:uDjnMwzxK7z7qz6RljL2ojy/o+4lC40lYEMHpgw2HelR3OzG2DyGKga0mcY59:Cn9ximz63jIo+4440GEMJgwuwmGSaPc

Score

N/A

Malware Config

Signatures

Files

ee6ff723c8402e5e85aab6d84cb5401949ba7ec3fd6d493930ecef4dda0e020d
.dll windows x86

b57d13133806303ddbf23debff061b47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
ImpersonateAnonymousToken

ole32

CoTaskMemFree
StringFromCLSID

kernel32

lstrlenW
WideCharToMultiByte
WaitForSingleObject
CloseHandle
CreateFileA
CreateProcessA
DeleteCriticalSection
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetLongPathNameA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessPriorityBoost
GetShortPathNameA
GetStartupInfoA
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
GlobalUnWire
HeapReAlloc
InitializeCriticalSection
InterlockedExchange
LoadLibraryA
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualAlloc

Exports

Exports

AllocADsMem
GetNextPageS
QuaternionLn
SchemaIsClassAContainer
XSet

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b57d13133806303ddbf23debff061b47

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 171KB - Virtual size: 171KB

.data Size: 68KB - Virtual size: 71KB

.rsrc Size: 63KB - Virtual size: 63KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 171KB - Virtual size: 171KB

.data
Size: 68KB - Virtual size: 71KB

.rsrc
Size: 63KB - Virtual size: 63KB

.reloc
Size: 5KB - Virtual size: 5KB