511132d2dee074850a0cfae851f91697bd4be8812919f7717e578e636a75c27d

Sharing

Copy URL Twitter E-mail

General

Target

511132d2dee074850a0cfae851f91697bd4be8812919f7717e578e636a75c27d
Size

457KB
MD5

3446b299de91a6d8df5c475ac48bae90
SHA1

78920cf3cb75be6ddec196d1dfec43bc6c63c932
SHA256

511132d2dee074850a0cfae851f91697bd4be8812919f7717e578e636a75c27d
SHA512

7ed211fac0cffacf647105adf6602900286eaa076da0a4d59342be892116aad83232eefcf141a6645cdeafdecc72d4b8353e5b58df7d997ef177c10e1b5a337b
SSDEEP

6144:2bsGXJ345WOTHKLjqmN9vOKHx+2UthY/5z+aygwR6GW+HvzoblQJ3gmh27utrOxa:KL5I5uqATJuh8GgwR6GNLoblaouBea

Score

N/A

Malware Config

Signatures

Files

511132d2dee074850a0cfae851f91697bd4be8812919f7717e578e636a75c27d
.dll windows x86

3b969b59ed066915a044910bca45779e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FindFirstFileA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

FillRect

advapi32

RegCloseKey

oleaut32

VariantClear

version

GetFileVersionInfoSizeA

gdi32

GetEnhMetaFilePaletteEntries

ole32

CoCreateInstance

comctl32

ImageList_DragEnter

wsock32

WSAStartup

winmm

sndPlaySoundA

Exports

Exports

dirret
keyprocxy

Sections

CODE
Size: - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata0
Size: - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata1
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b969b59ed066915a044910bca45779e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

version

gdi32

ole32

comctl32

wsock32

winmm

Exports

Exports

Sections

CODE Size: - Virtual size: 600KB

DATA Size: - Virtual size: 7KB

BSS Size: - Virtual size: 3KB

.idata Size: - Virtual size: 9KB

.edata Size: - Virtual size: 92B

.idata0 Size: - Virtual size: 63KB

.idata1 Size: 452KB - Virtual size: 451KB

.reloc Size: 512B - Virtual size: 296B

.rsrc Size: 4KB - Virtual size: 110KB

CODE
Size: - Virtual size: 600KB

DATA
Size: - Virtual size: 7KB

BSS
Size: - Virtual size: 3KB

.idata
Size: - Virtual size: 9KB

.edata
Size: - Virtual size: 92B

.idata0
Size: - Virtual size: 63KB

.idata1
Size: 452KB - Virtual size: 451KB

.reloc
Size: 512B - Virtual size: 296B

.rsrc
Size: 4KB - Virtual size: 110KB