a15646250f4fbdb89eed7111dac8d65ba3ff87c55214b27e423b5a755d0cdd14

Sharing

Copy URL Twitter E-mail

General

Target

a15646250f4fbdb89eed7111dac8d65ba3ff87c55214b27e423b5a755d0cdd14
Size

84KB
MD5

bc14da87b78b95dfb1eb03ebee3788dc
SHA1

96c330e622f3adb80cf42ca6c13987bac65d4dbd
SHA256

a15646250f4fbdb89eed7111dac8d65ba3ff87c55214b27e423b5a755d0cdd14
SHA512

134980918184f4ee6b25278265a77b020cbd92c29ce97afc09fba1f76d6587c13759bc801c661b2e827d04f85851135ec0745965b8ebd680cb306392ea672ac5
SSDEEP

1536:ZETO/IWwl6KnrtQ6kVRW58cxpZNaVyNkvS2ybTPkC/tKOvcRJ:ZE76KnrtQ6kVY58k0saS2y3ttN0R

Score

N/A

Malware Config

Signatures

Files

a15646250f4fbdb89eed7111dac8d65ba3ff87c55214b27e423b5a755d0cdd14
.dll windows x86

b7d73071515c7f7e36a89ddb4108101a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
FlushViewOfFile
GetStringTypeA
GetStringTypeExA
GetFullPathNameW
CloseHandle
InterlockedDecrement
GetProcAddress
WaitForSingleObject
SetEndOfFile
TlsAlloc
DeleteFileW
HeapFree
GetEnvironmentVariableA
lstrlenA
InterlockedExchange
GetSystemTimeAsFileTime
SetHandleCount
QueryPerformanceCounter
DeleteFileA
CompareFileTime
OpenFileMappingA
SetLastError
GetCurrentThreadId
GetCPInfo
lstrlenW
HeapDestroy
CreateFileA
GetEnvironmentStrings
GetDiskFreeSpaceA
lstrcmpA
CreateFileW
InitializeCriticalSection
LocalFree
MoveFileW
TerminateProcess
CreateMutexA
HeapReAlloc
VirtualAlloc
GetStartupInfoA
TlsGetValue
GetLastError
WideCharToMultiByte
UnhandledExceptionFilter
CreateMutexW
EnterCriticalSection
GetSystemInfo
SetFilePointer
VirtualQuery
DeleteCriticalSection
InterlockedIncrement
Sleep
GetOEMCP
CreateFileMappingW
GetStdHandle
SetEvent
SetFileTime
CreateThread
MultiByteToWideChar
LeaveCriticalSection
ReleaseMutex
IsBadReadPtr
OpenFileMappingW
GetLocaleInfoA
FreeEnvironmentStringsW
GetFileSize
MoveFileA
FreeEnvironmentStringsA
FreeLibrary
GetStringTypeW
CreateFileMappingA
GetFileType
MapViewOfFile
VirtualProtect
HeapCreate
GetVersionExA
GetFullPathNameA
HeapAlloc
IsDBCSLeadByte
LocalAlloc
GetACP
GetCurrentProcessId
lstrcmpiA
LoadLibraryA
TlsFree
CreateEventA
VirtualFree
SetUnhandledExceptionFilter
GetTickCount
GetDiskFreeSpaceW
DisableThreadLibraryCalls
GetCurrentProcess
UnmapViewOfFile
LCMapStringA
GetEnvironmentStringsW
SetEnvironmentVariableA

Exports

Exports

btllig

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 590B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7d73071515c7f7e36a89ddb4108101a

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.data Size: 28KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 590B

.text
Size: 44KB - Virtual size: 41KB

.data
Size: 28KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 590B