945c5e666a997dd137c92b1593fec17ca9ec65df93b93cc89d355088ac096d5d

Sharing

Copy URL Twitter E-mail

General

Target

945c5e666a997dd137c92b1593fec17ca9ec65df93b93cc89d355088ac096d5d
Size

184KB
MD5

0f327db3f02da5cea67ba005cfac23af
SHA1

1788b3f58eef32b76cef20caf84a2b192562657f
SHA256

945c5e666a997dd137c92b1593fec17ca9ec65df93b93cc89d355088ac096d5d
SHA512

909b9bee6ae9f17c38a9689e74df79e4491f8df1585a977427967b4f1af54d412083a5c7960980a31efb61babfb8fbb750033065ec30340f6ae6e56192fc5cf7
SSDEEP

3072:5OUY5Ay9no0sKI/+70VktnvX+gI+T2xA4BosQeeaQeeRQeesQeeWFQeehQeeNKq6:5OUY/oZKI/+7NvXOssQeeaQeeRQeesQh

Score

N/A

Malware Config

Signatures

Files

945c5e666a997dd137c92b1593fec17ca9ec65df93b93cc89d355088ac096d5d
.dll windows x86

e7e460fb04e28284b82c80a55f000122

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
GetCurrentProcess
WriteProcessMemory
DisableThreadLibraryCalls
OpenFileMappingA
MapViewOfFile
ExitProcess
LoadLibraryA
Sleep
GetVersionExA
VirtualProtect
MulDiv
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleA
OutputDebugStringA
HeapFree
RtlUnwind
HeapAlloc
GetCommandLineA
GetVersion
RaiseException
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
CloseHandle
GetModuleHandleW

user32

GetAsyncKeyState
FindWindowA

gdi32

DeleteDC
CreateCompatibleDC
CreateDIBSection
SetMapMode
GetDeviceCaps
CreateFontA
SelectObject
SetTextColor
SetBkColor
SetTextAlign
GetTextExtentPoint32A
ExtTextOutA
DeleteObject

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7e460fb04e28284b82c80a55f000122

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 13KB - Virtual size: 84KB

.sxdata Size: 512B - Virtual size: 8B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 13KB - Virtual size: 84KB

.sxdata
Size: 512B - Virtual size: 8B

.reloc
Size: 9KB - Virtual size: 9KB