8dab10c0b04036ada280fe3500a3d7660a08873cfe077654779ea71170ea3596

Sharing

Copy URL Twitter E-mail

General

Target

8dab10c0b04036ada280fe3500a3d7660a08873cfe077654779ea71170ea3596
Size

560KB
MD5

bd2c5f024d10a61fc67858c3cacce750
SHA1

5072b1124b76b7d49cfb59084ea1ef367c1ebbf6
SHA256

8dab10c0b04036ada280fe3500a3d7660a08873cfe077654779ea71170ea3596
SHA512

816c2c10a0d972a2cf65a32aeae45c209fca7b2214134e8e9603d445673c6abb65a5f555b22fb11235aeb78996a1dcd013752f5844272db30eacbaf9d71c845f
SSDEEP

12288:CmgMUHDsMrU3RPyzRgyUwaxnb1UtOCtPbRtmRX4atK6Xmg:PGdw3QzRZ+xb2DPttmGat9

Score

N/A

Malware Config

Signatures

Files

8dab10c0b04036ada280fe3500a3d7660a08873cfe077654779ea71170ea3596
.dll windows x86

ff7f5b48f786f048652420dcd8fe28dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetDateFormatA
CloseHandle
GetModuleHandleA
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedIncrement
GetCurrentThreadId
CreateFileW
DeleteCriticalSection
GetModuleFileNameW
Sleep
InterlockedDecrement
VirtualAlloc
TerminateProcess
WaitForSingleObject
LoadResource
FreeLibrary
GetCurrentProcessId
EnterCriticalSection
GetVersionExA
InitializeCriticalSection
LeaveCriticalSection
GetLastError
InterlockedExchange
LocalAlloc
SetUnhandledExceptionFilter
GlobalAlloc
MultiByteToWideChar
InterlockedCompareExchange
lstrcmpiW
SetEvent
QueryPerformanceCounter
DeviceIoControl
RaiseException
lstrlenW
ReadFile
GetTickCount
GetSystemTimeAsFileTime
GetModuleHandleW

shell32

ShellExecuteW

ole32

CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemRealloc

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

oleaut32

LoadTypeLi
RegisterTypeLi
SysFreeString
SysStringLen
SysAllocString
VarUI4FromStr
UnRegisterTypeLi

Exports

Exports

Int_FromSize_t
WithFilename
WriteUnraisable
get_filter_type
set_gamma

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff7f5b48f786f048652420dcd8fe28dc

Headers

File Characteristics

Imports

kernel32

shell32

ole32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 8KB - Virtual size: 7KB