a629e09fd00d5267f5ab0b4ebfc86118001b65d5e8a35a65f9649e6e8e3ed9ec

Sharing

Copy URL Twitter E-mail

General

Target

a629e09fd00d5267f5ab0b4ebfc86118001b65d5e8a35a65f9649e6e8e3ed9ec
Size

124KB
MD5

4110770829560e1c5b5cd84bd35c96b0
SHA1

a61e6e2768b9f1ea2fb29c9a4430897fc6177d18
SHA256

a629e09fd00d5267f5ab0b4ebfc86118001b65d5e8a35a65f9649e6e8e3ed9ec
SHA512

90a95cd45500f010befd9268a6852da238b2b5a94625e0ce721c888d063a8c8d98fd35f43fb2e52ed07e8b25769d48c4beeaa7a54918a67dfb91c5a0c647e874
SSDEEP

3072:wserQNIoesmopFidU6B6lFOl9Ug1XfN1vCoGP2j4iuahob/iilBAyae2qeAF3CF2:wZrQNIoehopFidU6B6lQl2gZfNlCyKll

Score

N/A

Malware Config

Signatures

Files

a629e09fd00d5267f5ab0b4ebfc86118001b65d5e8a35a65f9649e6e8e3ed9ec
.dll windows x86

33d949f5b8b2d7abf28b24b3d3fe403d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueW
ChangeServiceConfig2A
RegEnumValueA
CloseServiceHandle
RegQueryValueExW
LockServiceDatabase
InitializeSecurityDescriptor
RegQueryInfoKeyA
RegDeleteValueA
RegQueryValueExA
EqualSid

version

GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueA

kernel32

RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetHandleInformation
LoadLibraryA
IsValidLocale
GetProcAddress
VirtualAlloc
GetModuleHandleA
lstrcmpW
SetHandleCount
GlobalUnlock
HeapReAlloc
CreateEventW
ExpandEnvironmentStringsA
UnmapViewOfFile
FindResourceExW
GetTimeFormatA
InitializeCriticalSection
FreeLibrary
SearchPathA
FormatMessageA
lstrcmpA
GlobalAlloc
MapViewOfFile
ReleaseMutex
SetEvent
CreateFileMappingW
GetTempPathW
IsBadReadPtr
GetSystemTimeAsFileTime
GetCPInfo
ExitProcess
GetSystemTime
HeapAlloc
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapFree
DeleteCriticalSection
FatalAppExitA
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetACP
GetOEMCP
FlushFileBuffers
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
MultiByteToWideChar

Exports

Exports

TWXNVJ

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33d949f5b8b2d7abf28b24b3d3fe403d

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 48KB - Virtual size: 49KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 48KB - Virtual size: 49KB

.reloc
Size: 8KB - Virtual size: 7KB