aa0a86591957a3aee4ce58b8e6bbe89c942ec451a5443bd6fa9630fdf6d16208

Sharing

Copy URL Twitter E-mail

General

Target

aa0a86591957a3aee4ce58b8e6bbe89c942ec451a5443bd6fa9630fdf6d16208
Size

333KB
MD5

e36cd8953a99f19071bb0ad074449843
SHA1

14e25aa8290eb883fd9cb2e1bc56d4902883eb89
SHA256

aa0a86591957a3aee4ce58b8e6bbe89c942ec451a5443bd6fa9630fdf6d16208
SHA512

4a188b739486495d8304e1cd20d3801adb6368086f6a5b8ba257841eed381360493b3a075bf4f12603cd65b4b4dabb907d07ab1e37410aa03ffbcf9778c23063
SSDEEP

6144:MYdPC/7fdfnTo5Dh+ozwSC31/Dz21UsDCfkbjOAIQB/4CgYCHMdtBg:X+7G5Dh+LD4kk+AJaJKg

Score

N/A

Malware Config

Signatures

Files

aa0a86591957a3aee4ce58b8e6bbe89c942ec451a5443bd6fa9630fdf6d16208
.dll windows x86

3e55671e4d808232a39a15f91496c4da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSection
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CompareStringA
MultiByteToWideChar
SetEnvironmentVariableA
DeviceIoControl
CloseHandle
CreateFileW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
ReadFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
FreeEnvironmentStringsA
GetModuleFileNameW
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
GetProcessHeap
HeapAlloc
GetVersionExA
CompareStringW
RaiseException
VirtualQuery
GetFileAttributesA
CreateFileMappingA
OutputDebugStringW
UnmapViewOfFile
MapViewOfFile
HeapFree

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

GetFileInItemCount
GetFunctions
GetSymbolAddress
HostGetFlags

Sections

.text
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 183KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e55671e4d808232a39a15f91496c4da

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 76KB

.rdata Size: 72KB - Virtual size: 76KB

.data Size: 183KB - Virtual size: 184KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 74KB - Virtual size: 76KB

.rdata
Size: 72KB - Virtual size: 76KB

.data
Size: 183KB - Virtual size: 184KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB