dbb2e3d8a916ba941db03a893307bfdc2127fd6f7b27f8805ae1af19e50d4236

Sharing

Copy URL Twitter E-mail

General

Target

dbb2e3d8a916ba941db03a893307bfdc2127fd6f7b27f8805ae1af19e50d4236
Size

59KB
MD5

98b976bda3206700095ece76e6595a81
SHA1

42620d69d46eb73263d8ff0168784ba10175df0c
SHA256

dbb2e3d8a916ba941db03a893307bfdc2127fd6f7b27f8805ae1af19e50d4236
SHA512

8a9b57e9dbc53d5cc70d9c224c7768f096d29a3bddbce08e9c92aafb9c34ed36bfc21d647e306d9e689935e4821d317618bb9bf400f24d7fc06a1fd24e8ba5c6
SSDEEP

768:Le+j0+2Knv1XqYcaG2zEwU3s8BuLVsAgE0JTmOtQnBBuLa3:C1+2mXDcx39BY3xOtuBd3

Score

N/A

Malware Config

Signatures

Files

dbb2e3d8a916ba941db03a893307bfdc2127fd6f7b27f8805ae1af19e50d4236
.dll windows x86

c7cbd38e2e99bf1d2b60729cbb7a02fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateProcessA
WaitForSingleObject
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenEventA
SetEvent
GetTempPathA
GetModuleFileNameA
GetVersionExA
GetProcAddress
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
WriteProcessMemory
GetCurrentProcess
MultiByteToWideChar
FlushInstructionCache
HeapSize
RtlUnwind
InitializeCriticalSection
GetLocaleInfoA
GetStringTypeW
DeleteFileA
GetTickCount
CloseHandle
WriteFile
VirtualProtect
Sleep
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
RaiseException

user32

wsprintfA

advapi32

CloseServiceHandle
QueryServiceStatus
OpenServiceA
OpenSCManagerA
StartServiceA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx

Exports

Exports

_Install@0
_MissionBriefing@8
_Uninstall@0

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crome
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7cbd38e2e99bf1d2b60729cbb7a02fe

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 71KB

.crome Size: 512B - Virtual size: 8B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 71KB

.crome
Size: 512B - Virtual size: 8B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB