60a36b46483467737c6003f051340556587687557648e394ce6e78729c5b6af9

Sharing

Copy URL

Twitter E-mail

General

Target

60a36b46483467737c6003f051340556587687557648e394ce6e78729c5b6af9
Size

190KB
MD5

5859aee8839209f65d1d63fb7812c834
SHA1

ceee82a7ffa20e7e338e051307beb89b7ec16581
SHA256

60a36b46483467737c6003f051340556587687557648e394ce6e78729c5b6af9
SHA512

49c279afc56f5ad1e29c5ce307ff13b25426cb8f20d547bae6909ff34fe2b1abc85bce6b789e3b7d399b3a84ec0c908219db2073c18c03e2d2ddefa538429a85
SSDEEP

3072:MzQ/QnBMpwnZfyz85/XHshrOKLJdhZQWxD4oFeN/mr+sSGQAVi:4Q/Qnap8y+MhrOQjtDxeN/4+sGAVi

Score

N/A

Malware Config

Signatures

Files

60a36b46483467737c6003f051340556587687557648e394ce6e78729c5b6af9
.dll windows x86

6eb7fcd56cafeda6f670c8b7e38c77bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
lstrcpyA
WideCharToMultiByte
lstrlenA
lstrcmpW
lstrcpynW
GetCurrentProcessId
lstrcpyW
lstrlenW
lstrcatW
MultiByteToWideChar
lstrcmpiW
Sleep
WaitForSingleObject
SetEvent
GetModuleFileNameW
CreateProcessW
CloseHandle
GetModuleHandleW
GetProcAddress
GetTickCount
GetCurrentThreadId
CreateFileMappingW
MapViewOfFile
CreateEventW
CreateMutexW
GetModuleHandleA
FlushFileBuffers
CreateFileA
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LoadLibraryA
GetSystemTimeAsFileTime
HeapAlloc
ExitThread
GetLastError
CreateThread
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
RtlUnwind
RaiseException

user32

SetWindowLongW
GetWindowLongW
CallWindowProcW
PostMessageW
EnumWindows
GetClassNameW
GetParent
GetWindowThreadProcessId
SendMessageW

shlwapi

PathRemoveFileSpecW
StrStrW
StrChrW

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6eb7fcd56cafeda6f670c8b7e38c77bd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 21KB

.bss Size: 94KB - Virtual size: 94KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 21KB

.bss
Size: 94KB - Virtual size: 94KB

.reloc
Size: 5KB - Virtual size: 5KB