b11203decc89191d194a898ea371c51984c17644383b63213a91c2f3197115f4

General

Target

b11203decc89191d194a898ea371c51984c17644383b63213a91c2f3197115f4
Size

130KB
MD5

a2e4d7f657f683ac380582a761cafab7
SHA1

438129211c90e1fe111d4df751523daccc46475d
SHA256

b11203decc89191d194a898ea371c51984c17644383b63213a91c2f3197115f4
SHA512

506f6d90fd58be499da9abad1d133c6b70754a141a36df1d38949bff46c5b8999b27ad645d87dc10cfcc4377e82c6758bc0f554bac0e7d1eb08d03397126a0a5
SSDEEP

1536:ZEZtAH/Js1x3lPAtsUa9E2wnvBj9wdtVg5CiVR7lkWIFOLQZ3KMMiU1aoauY:ewhKn4tsUqEvJRXRyWgZKMMiU1m9

Score

N/A

Malware Config

Signatures

Files

b11203decc89191d194a898ea371c51984c17644383b63213a91c2f3197115f4
.dll windows x86

3dd75a8c068a6d5e7f799a6411273458

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantClear
VariantCopyInd
SysAllocStringLen
SysFreeString
LoadTypeLib

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
StartServiceA
CloseServiceHandle
AdjustTokenPrivileges
OpenServiceA

ole32

CoCreateInstance
CoRegisterClassObject
CLSIDFromProgID
CoRegisterMessageFilter
CoResumeClassObjects
CreateOleAdviseHolder
StringFromGUID2
ReadClassStg
OleUninitialize
OleLockRunning
GetConvertStg
CreateStreamOnHGlobal
CLSIDFromString

kernel32

FlushFileBuffers
LoadLibraryA
LoadResource
WriteFile
TlsGetValue
MapViewOfFile
SleepEx
FreeResource

msvcrt

__getmainargs
memchr
free
fflush
exit
__set_app_type
__p__commode
memset
strcmp
memmove

opengl32

wglDeleteContext
wglCreateContext
wglMakeCurrent

gdi32

SetPixelFormat
ChoosePixelFormat

Exports

Exports

Afn
Mxt
Roh
Sxc
Tbp
Uwq
Xmp
Zig

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dd75a8c068a6d5e7f799a6411273458

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

kernel32

msvcrt

opengl32

gdi32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 32KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 31KB - Virtual size: 32KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 31KB - Virtual size: 32KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 31KB - Virtual size: 32KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 28KB