c6a9bbedce57f3f2eec1dd43256db5ee522b44467713f5b7137f945addb012ec

Sharing

Copy URL

Twitter E-mail

General

Target

c6a9bbedce57f3f2eec1dd43256db5ee522b44467713f5b7137f945addb012ec
Size

71KB
MD5

79955abe196077d06793dcd577690455
SHA1

0e74ba46681eb237bb95a3ffef4ae1c67fd239a1
SHA256

c6a9bbedce57f3f2eec1dd43256db5ee522b44467713f5b7137f945addb012ec
SHA512

bfbb0c42287ce21fdebc289f887ee56c5959857044dbb1e9e81f19544a50cd8486f5f9fbfbaa74a39d9f72cee9c6ac431b0c11cbcdac1608276f592fd6dbdfaf
SSDEEP

1536:nd9x79qNJiGnhosvkO7u6j/JjfQOVRVcoX1BS0p/2hrkVLVConOnV:d999qfiZYuAJjX7erkOnV

Score

N/A

Malware Config

Signatures

Files

c6a9bbedce57f3f2eec1dd43256db5ee522b44467713f5b7137f945addb012ec
.dll windows x86

f3977cb38abf6a03c4c44b299aa90eab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
IsBadStringPtrA
UnmapViewOfFile
lstrlenA
MapViewOfFile
CreateFileMappingA
CloseHandle
OpenFileMappingA
WideCharToMultiByte
lstrlenW
CreateThread
LoadLibraryA
GetProcAddress
VirtualProtect
GetTickCount
VirtualAlloc
VirtualFree
VirtualQuery
HeapCreate
GetSystemInfo
lstrcpyA
InterlockedIncrement
ExitProcess
GetModuleFileNameA
DisableThreadLibraryCalls
GetWindowsDirectoryA
lstrcatA
GetCommandLineA
OpenProcess
Process32Next
TerminateProcess
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
ReadProcessMemory
VirtualProtectEx
WriteProcessMemory
GetCurrentProcess
Module32Next
Module32First
WritePrivateProfileStringA
GetSystemDirectoryA
GetPrivateProfileStringA
GetModuleHandleA
Sleep
GetCurrentProcessId

user32

wsprintfA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shlwapi

PathFileExistsA
StrStrIA
StrStrW
StrStrA

msvcrt

atoi
_stricmp
_memicmp
_adjust_fdiv
_initterm
isprint
strrchr
fopen
fseek
ftell
strlen
memcpy
strstr
strcpy
strcat
memset
strcmp
__CxxFrameHandler
isdigit
sscanf
sprintf
_itoa
atol
memcmp
isspace
isalnum
free
malloc
fgetc
rewind

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3977cb38abf6a03c4c44b299aa90eab

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

Sections

.text Size: 31KB - Virtual size: 30KB

.bss Size: - Virtual size: 25KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 19KB

.vmp0 Size: 11KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 1020B

.text
Size: 31KB - Virtual size: 30KB

.bss
Size: - Virtual size: 25KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 19KB

.vmp0
Size: 11KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 1020B