b7f822a9b230044a7d88292935fafd326c9174e78e9ed9a3b35c72a9b72c7fe0

General

Target

b7f822a9b230044a7d88292935fafd326c9174e78e9ed9a3b35c72a9b72c7fe0
Size

210KB
MD5

caafd93e6b200566255c6d0626e20d78
SHA1

3991f69414b53cc8528a9b37d8229f39b0accdd4
SHA256

b7f822a9b230044a7d88292935fafd326c9174e78e9ed9a3b35c72a9b72c7fe0
SHA512

6aa158b4454e7381d7224c902c1a42402389f03d23a272ac3deca6f35816c394cb784102b1438d549062f3e487237c5e0a1e05c77f90f3de7c6d88100683868d
SSDEEP

6144:C2J0BO1CEqgCOga7L0kpf1gtWhYzvVr5:VRskpf132rVd

Score

N/A

Malware Config

Signatures

Files

b7f822a9b230044a7d88292935fafd326c9174e78e9ed9a3b35c72a9b72c7fe0
.dll windows x86

1ec75afa223d22fb5660ad3dff52fd2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFileTimeToFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr90

_time32
??_V@YAXPAX@Z
??_U@YAPAXI@Z
atoi
strstr
_purecall
memset
memcpy
_gmtime32
strftime
isspace
memmove
_vsnprintf
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_except_handler4_common
strncmp
strchr
??2@YAPAXI@Z
strncpy
isalnum
strncat
sprintf
_stricmp
??3@YAXPAX@Z

Exports

Exports

CanUnload2
RMACreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ec75afa223d22fb5660ad3dff52fd2d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcr90

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 169KB - Virtual size: 169KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 169KB - Virtual size: 169KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB