c777c9e7057082a1f3ea33a131151b5105105b8f429e473d4f45064a4a59b42c

Sharing

Copy URL Twitter E-mail

General

Target

c777c9e7057082a1f3ea33a131151b5105105b8f429e473d4f45064a4a59b42c
Size

38KB
MD5

bffc86ea2de53562346966bced0a74ab
SHA1

63b7fe3e0dd049f6fa7f7236889fa4c9d907af5b
SHA256

c777c9e7057082a1f3ea33a131151b5105105b8f429e473d4f45064a4a59b42c
SHA512

3598dfd560085f94bacc2fea0324afae52541ebc22172ddbc29f52ecaca83c8b8613f5ec7e5a87e28ead60aef9bdb61a08d4f9fb9dd107052e0661916e82d7aa
SSDEEP

768:Ws9wEZnOD0pBFsiP2VdCAwQpFtW3RyTkl+HX56bw8X3yOlKR9o:Wi5ZnOwDP2V0A7p1J6Fy+KR9

Score

N/A

Malware Config

Signatures

Files

c777c9e7057082a1f3ea33a131151b5105105b8f429e473d4f45064a4a59b42c
.dll windows x86

102e9d9ae59c422376b308bb9d666987

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnwind
RtlCreateSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlInitUnicodeString
RtlDosPathNameToNtPathName_U
NtCreateFile
RtlFreeUnicodeString
NtClose
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlUnicodeStringToInteger

kernel32

CloseHandle
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
GetCPInfo
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapCreate
HeapAlloc
HeapFree
HeapReAlloc
MultiByteToWideChar
WideCharToMultiByte
SetLastError
ReleaseMutex
WaitForSingleObject
SetFilePointer
GetLastError
GetEnvironmentVariableW
lstrlenW
GetSystemWindowsDirectoryW
CreateMutexA
VirtualProtect
InitializeCriticalSectionAndSpinCount
GetSystemInfo
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
IsBadCodePtr
TlsSetValue
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TlsFree
TlsGetValue
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
WriteFile
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP

Exports

Exports

GetHookAPIs
NotifyShims

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

102e9d9ae59c422376b308bb9d666987

Headers

File Characteristics

Imports

ntdll

kernel32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.data Size: 3KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 28KB

.data
Size: 3KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 4KB - Virtual size: 4KB