f56103f4387c8c10f82975cf97ec0a8dc50a281664fb82f117f1851e9fb086a9

General

Target

f56103f4387c8c10f82975cf97ec0a8dc50a281664fb82f117f1851e9fb086a9
Size

48KB
MD5

47cc22a7f8121c78182fe334cd6057e0
SHA1

7d26d1fdaca5becd378df36717ff461e452a181c
SHA256

f56103f4387c8c10f82975cf97ec0a8dc50a281664fb82f117f1851e9fb086a9
SHA512

7c803fb59985132724296b81b29f6fc5f11a67e1221c4f7a1deddc8f820bf399b9de49fc860bf0234c86544fe87b7f66d362247c64ba31a83a6a0bf24a5b589e
SSDEEP

768:A69nBOF+OKhMatTNamMq9tvITr+xqld1d6illlSu5SV:p9nBy+oatT4mMuZIuxqvKWllSfV

Score

N/A

Malware Config

Signatures

Files

f56103f4387c8c10f82975cf97ec0a8dc50a281664fb82f117f1851e9fb086a9
.dll windows x86

e8360ccf4b4e20aa61b2c9611dcd1495

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32First
Module32Next
VirtualQuery
VirtualProtect
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetModuleFileNameA
ExitProcess
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InterlockedExchange
HeapFree
HeapAlloc
VirtualAlloc
GetSystemInfo
LCMapStringA
GetLastError
LCMapStringW
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetLocaleInfoA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
InitializeCriticalSection
HeapSize

advapi32

RegCreateKeyA
RegCreateKeyW
RegCreateKeyExA
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueA
RegQueryValueW
RegQueryValueExW
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8360ccf4b4e20aa61b2c9611dcd1495

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 3KB