9fad66da9968320326f5f3cc9c95c0e3531c164237c9c5451c51b71a015e1bff

Sharing

Copy URL

Twitter E-mail

General

Target

9fad66da9968320326f5f3cc9c95c0e3531c164237c9c5451c51b71a015e1bff
Size

212KB
MD5

5d702e7fb99ab202bf4b58466bb446e0
SHA1

58c3e1b1b08dd22855feba168b883a759ce421dd
SHA256

9fad66da9968320326f5f3cc9c95c0e3531c164237c9c5451c51b71a015e1bff
SHA512

605ee0ef117274b07a81660541efaa876294c99f4316f13c52cc3ba4e8b429cf0aa9ee66a9581c0b58c1f50cf4e816e008a081c276ed0c0018c80f9a517e9e2c
SSDEEP

3072:rzfmoI4+bMYACW5cIdu8hCs844zhZAW712iSqJtrOSg+yx4yt4P:rzeoIlqu8hCs83heaSqzCSs4yt4P

Score

N/A

Malware Config

Signatures

Files

9fad66da9968320326f5f3cc9c95c0e3531c164237c9c5451c51b71a015e1bff
.dll windows x86

bfd2fd3320f614f5453b457f58d36097

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetLastError
WaitForSingleObject
MultiByteToWideChar
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InterlockedIncrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryA
RtlUnwind
InitializeCriticalSection
IsValidCodePage
GetCurrentProcessId
lstrlenA
CloseHandle
ResetEvent
CreateEventW
SetEvent
SetStdHandle
InterlockedDecrement
RaiseException
GetVersionExA
GetTickCount
GetProcAddress
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetCurrentThreadId
GetCommandLineA
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetOEMCP

ole32

CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CoTaskMemFree

oleaut32

VariantClear

Exports

Exports

_AvisynthPluginInit2@4

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bfd2fd3320f614f5453b457f58d36097

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 12KB

.reloc Size: 8KB - Virtual size: 6KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 12KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 112KB - Virtual size: 112KB