df8efd3b46769c3575c7287238535b9d08fd73bcba6079caeb3b8be07676cd38

Sharing

Copy URL Twitter E-mail

General

Target

df8efd3b46769c3575c7287238535b9d08fd73bcba6079caeb3b8be07676cd38
Size

381KB
MD5

9db766c5dce5cf9cbe1fec7df01a120e
SHA1

6be7a52f190af677edc91be3ebaab9f2237f961f
SHA256

df8efd3b46769c3575c7287238535b9d08fd73bcba6079caeb3b8be07676cd38
SHA512

43368fcbf898cd89ab46453e469762a865e37d00cfde5e5d92e1338dcf5c91a6f064604ec534be4297025acbd8f30f667e07d849bbda8c5056bd173f808d0c41
SSDEEP

6144:XC+YMK+oyytXxlQadN+n6k78ERvKS/5ciAtRlDEeXUT18YRdQjUMfAhMB1dj67+F:XCNz+odtXxK606AvKuKiUtEeXUB8EWAO

Score

N/A

Malware Config

Signatures

Files

df8efd3b46769c3575c7287238535b9d08fd73bcba6079caeb3b8be07676cd38
.dll windows x86

2e27804bb011e21afecf47c4058d05d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

SymSetSearchPath
SymSetOptions
SymRegisterCallback64
SymInitialize
SymFindFileInPath
SymCleanup
MakeSureDirectoryPathExists

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

kernel32

UnhandledExceptionFilter
TerminateProcess
Sleep
UnmapViewOfFile
SetLastError
SetFilePointer
SetFileAttributesA
SetErrorMode
VirtualAlloc
WriteFile
SetUnhandledExceptionFilter
ReadFile
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindFirstFileExA
FindNextFileA
FlushViewOfFile
FreeLibrary
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetFileAttributesExA
GetFileInformationByHandle
GetFileSize
GetFullPathNameA
GetLastError
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
HeapAlloc
HeapFree
InterlockedCompareExchange
InterlockedExchange
LoadLibraryA
LocalAlloc
LocalFree
MapViewOfFile
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
SetEndOfFile
RemoveDirectoryA
RtlUnwind
SetCurrentDirectoryA

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_controlfp
_errno
_exit
_initterm
_iob
_ismbblead
_msize
_stricmp
_vsnprintf
atoi
exit
fclose
fgets
fopen
fprintf
free
fseek
getenv
isdigit
isspace
malloc
memcpy
memset
printf
puts
rand
realloc
srand
strchr
strncmp
strrchr
strstr
time
tolower

Exports

Exports

ConvertU2TrusteeToSid
GetSyntaxOfAttributeOnServer
QueryAllTracesW
RegisterTraceGuidsW
SearchExtS
ValidateData

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e27804bb011e21afecf47c4058d05d3

Headers

File Characteristics

Imports

dbghelp

version

advapi32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 178KB - Virtual size: 177KB

.data Size: 68KB - Virtual size: 71KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 178KB - Virtual size: 177KB

.data
Size: 68KB - Virtual size: 71KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 3KB - Virtual size: 3KB