a0561a600c857b670ed368a645a97c2d356c45f9b02d55cc4a3efd3583e44380

General

Target

a0561a600c857b670ed368a645a97c2d356c45f9b02d55cc4a3efd3583e44380
Size

364KB
MD5

c1306eadc0d013615e08e34b4b0690a0
SHA1

e76e3a8294474f0d6539bb8a1e93b2215d7cb7e3
SHA256

a0561a600c857b670ed368a645a97c2d356c45f9b02d55cc4a3efd3583e44380
SHA512

187ecac23a23c85c1e16c15f44002956d375500e71748ff5a3bddc3fa0dd3936d924b9f98719301f95a8647c5ff0531a1802257ae35cbb25674bcb5101248658
SSDEEP

6144:RQTSVt/n5PjmkxwseIvxa6BYsihCDlUPBrvjYdZPMD2:RQTWVuIvtYsihCD2VYD0D2

Score

N/A

Malware Config

Signatures

Files

a0561a600c857b670ed368a645a97c2d356c45f9b02d55cc4a3efd3583e44380
.dll windows x86

2bb16867755aba7f8916f04cc3a78d0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetLastError
GetModuleFileNameA
EnterCriticalSection
GetProcAddress
CreateFileA
IsBadReadPtr
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
InitializeCriticalSection
GlobalSize
DeleteCriticalSection
TlsAlloc
GetTickCount
TlsGetValue
SetThreadPriority
TlsSetValue
GlobalAlloc
GlobalFree
GetDateFormatA
GetCurrentThreadId
QueryPerformanceCounter
TlsFree
Sleep
FreeLibrary
LeaveCriticalSection
VirtualFree
SetLastError

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

msvcrt

realloc
strcpy
fgets
free
abort
ftell
fwrite
fopen
rand
memcpy
calloc
_stricmp
getenv
_CIpow
sscanf
malloc
memset
strstr
strtok
_assert
fclose
sprintf
strncmp
atoi
fprintf
fread
strcmp
fseek
atol
exit
_iob
_ftol
memmove

user32

ReleaseDC
wsprintfA
GetWindowThreadProcessId
GetWindowRect
GetParent
GetDC
MessageBoxA

Exports

Exports

ExecCodeModule
IncrementalDecoder
List_Reverse
Number_Multiply
State_ThreadHead
VaParse
_Readline
vResolveTokenVarW
write_init_2

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bb16867755aba7f8916f04cc3a78d0c

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 92KB - Virtual size: 92KB

.rsrc Size: 76KB - Virtual size: 75KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 76KB - Virtual size: 75KB

.reloc
Size: 8KB - Virtual size: 7KB