e96d8a0066cd2d85ab7235c5da161ce84739810c1d50f574d08cf960b8c70f6a

Sharing

Copy URL Twitter E-mail

General

Target

e96d8a0066cd2d85ab7235c5da161ce84739810c1d50f574d08cf960b8c70f6a
Size

580KB
MD5

83ded2e96d7b41fbd156d11f820c3cb0
SHA1

43faac6dc0c63c209b6453705719ab26061d94a2
SHA256

e96d8a0066cd2d85ab7235c5da161ce84739810c1d50f574d08cf960b8c70f6a
SHA512

914856f6a9355c9902acdf6831fe140c1e1f58f486a489787468539a217d7b6ad53196b4e206cf5c15896a6846f404cf1ebc41cb08b87bd4cc3bdb029e628820
SSDEEP

12288:o/bF1V4a5dMDdJlLqbcD3paMGHXqvUw7jKIJgBuGvAKg:oZ1V4a5dsxLjdaYDKg

Score

N/A

Malware Config

Signatures

Files

e96d8a0066cd2d85ab7235c5da161ce84739810c1d50f574d08cf960b8c70f6a
.dll windows x86

d2f3a63bd3564a54decc34d2e7eb2ebe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW

kernel32

WaitForSingleObject
GetVersionExA
CreateFileW
ReadFile
GetCurrentProcessId
GlobalAlloc
lstrlenW
TerminateProcess
InterlockedCompareExchange
GetSystemTimeAsFileTime
LocalAlloc
DeviceIoControl
InterlockedExchange
UnhandledExceptionFilter
GetTickCount
lstrcmpiW
InterlockedIncrement
FreeLibrary
EnterCriticalSection
GetModuleHandleA
GetModuleHandleW
GetDateFormatA
WideCharToMultiByte
GetCurrentThreadId
DeleteCriticalSection
GetModuleFileNameW
GetLastError
SetEvent
LeaveCriticalSection
VirtualAlloc
CloseHandle
SetUnhandledExceptionFilter
LocalFree
Sleep
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
InitializeCriticalSection
LoadResource
InterlockedDecrement

ole32

CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoInitializeEx
CoTaskMemRealloc
CoInitialize

advapi32

RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegQueryInfoKeyW
RegEnumKeyExW

oleaut32

SysStringLen
UnRegisterTypeLi
LoadTypeLi
SysFreeString
VarUI4FromStr
SysAllocString
RegisterTypeLi

Exports

Exports

ArithmeticError
FileFlags
Filename
GenericGetAttr
ParseString
StringAAsString
StringADecode
WriteObjectToFile
_rowbytes_threshold

Sections

.text
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2f3a63bd3564a54decc34d2e7eb2ebe

Headers

File Characteristics

Imports

shell32

kernel32

ole32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 194KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 152KB - Virtual size: 151KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 196KB - Virtual size: 194KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 152KB - Virtual size: 151KB

.reloc
Size: 12KB - Virtual size: 10KB