ff23472f3496dd39ad6a86526720b58d302da9e8a6f345f9560da7804e7db119

General

Target

ff23472f3496dd39ad6a86526720b58d302da9e8a6f345f9560da7804e7db119
Size

296KB
MD5

074a7629aee31fdf071e10d6311c7cd4
SHA1

e963f2cd786f16ffc7fdde9d8464ee895dcc7184
SHA256

ff23472f3496dd39ad6a86526720b58d302da9e8a6f345f9560da7804e7db119
SHA512

313e4018e26d45376ed89560291b67b7bfa02348b379e32ea6ffedafd4226001f0eb302691b03cb69c8c7c0e237e4b85f21d3dfe54db6cd8fb68c7d132493d78
SSDEEP

6144:a3qyScV/Om60U6lmh8GXQqzT608nrwR7nQXwnyIOl:a6HSONf5h8GAqzT608nrsnQAnyIG

Score

N/A

Malware Config

Signatures

Files

ff23472f3496dd39ad6a86526720b58d302da9e8a6f345f9560da7804e7db119
.dll windows x86

e3f1e7dde6e0df532fbc9422af4d6aef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
Sleep
InterlockedExchange
InterlockedCompareExchange
CloseHandle
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetVersionExA
DeviceIoControl
FreeEnvironmentStringsA
EnterCriticalSection
lstrlenA
lstrlenW
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
GlobalMemoryStatus
QueryPerformanceCounter
GetLocalTime
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
HeapReAlloc
IsProcessorFeaturePresent
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FreeEnvironmentStringsW
IsBadStringPtrW
SetStdHandle
HeapSize
SetFilePointer
GetLastError
WideCharToMultiByte
ExitProcess
GetCommandLineA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
RtlUnwind
VirtualQuery
VirtualAlloc
GetCPInfo
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetACP
GetOEMCP
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW
FlushFileBuffers

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize

Exports

Exports

SwitchToMSC

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3f1e7dde6e0df532fbc9422af4d6aef

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 180KB - Virtual size: 188KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 180KB - Virtual size: 188KB

.reloc
Size: 8KB - Virtual size: 5KB