a18660238c044e6e173dde4c61bba5cd5436a1182bf729904a5703b739d0d3a8

Sharing

Copy URL Twitter E-mail

General

Target

a18660238c044e6e173dde4c61bba5cd5436a1182bf729904a5703b739d0d3a8
Size

370KB
MD5

4d2775314b84114520895c33cbe36842
SHA1

22ef81e1f71dd0433896ecc3f969b5f7b6ce269b
SHA256

a18660238c044e6e173dde4c61bba5cd5436a1182bf729904a5703b739d0d3a8
SHA512

2aef47f7bc55fba44777611357253873e41a5a4fce583d306f2db32c0249805fbcb52b4c9447d081f9b51c05a35701c149f2bbeebe58a26f34a00176b3ca7d3a
SSDEEP

6144:aBgo0lFUZusaHzcS4TK6meU2RhjE3bsg2GW+OQj+u8+uuN26MEyh8i4l1OPmWHMW:q90lFHs8lJeuI5kj+uk33Gi4l1OPmM

Score

N/A

Malware Config

Signatures

Files

a18660238c044e6e173dde4c61bba5cd5436a1182bf729904a5703b739d0d3a8
.dll windows x86

c8c21b03999052720470b8ab2c8a7c3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

SymSetSearchPath
SymSetOptions
SymRegisterCallback64
SymCleanup
SymFindFileInPath
SymInitialize
MakeSureDirectoryPathExists

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

WriteFile
VirtualAlloc
UnmapViewOfFile
UnlockFile
UnhandledExceptionFilter
SleepEx
SetUnhandledExceptionFilter
CloseHandle
CreateFileA
CreateRemoteThread
CreateTimerQueue
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindFirstFileExA
FindNextFileA
FlushViewOfFile
FreeLibrary
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetFileAttributesExA
GetFileSize
GetFullPathNameA
GetLastError
GetLogicalDrives
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessPriorityBoost
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
HeapAlloc
HeapFree
InterlockedCompareExchange
InterlockedExchange
LoadLibraryA
LocalFree
MapViewOfFile
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
ReadFile
ReleaseMutex
RemoveDirectoryA
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetFileAttributesA
SetFilePointer
SetLastError

msvcrt

_amsg_exit
_cexit
_controlfp
_ctime64
_errno
_exit
_futime64
_getmbcp
_initterm
_iob
_ismbblead
_msize
_wstat
atoi
cos
__p__fmode
fgets
fopen
fprintf
free
fseek
getenv
isdigit
isspace
memcpy
memset
printf
puts
rand
realloc
srand
strchr
strcmp
strncmp
strstr
time
tolower
__p__commode
__getmainargs
_XcptFilter
fclose

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

Exports

Exports

DeleteMarkerIndex
DisableFwInterface
IsContentProtected
LoadMeshFromXW
SHScale
SchemaClose
StartTraceW
mpegInOpenPrimary

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8c21b03999052720470b8ab2c8a7c3d

Headers

File Characteristics

Imports

dbghelp

version

kernel32

msvcrt

advapi32

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 164KB - Virtual size: 164KB

.data Size: 68KB - Virtual size: 69KB

.rsrc Size: 63KB - Virtual size: 63KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 164KB - Virtual size: 164KB

.data
Size: 68KB - Virtual size: 69KB

.rsrc
Size: 63KB - Virtual size: 63KB

.reloc
Size: 4KB - Virtual size: 3KB