93f35b3750c84b145f8b7bd610819c456fcb070d9e25e932939cb85251f2be47

Sharing

Copy URL

Twitter E-mail

General

Target

93f35b3750c84b145f8b7bd610819c456fcb070d9e25e932939cb85251f2be47
Size

532KB
MD5

244aae3e1f393194b1a6e813bcad6af0
SHA1

0a3fc1b81a6cbf9733a1c496b1b7a97159e63dca
SHA256

93f35b3750c84b145f8b7bd610819c456fcb070d9e25e932939cb85251f2be47
SHA512

3c8ccc5f06c950d32494c2ff50e03b81cd50522b5f0f7aea3b996bc45897f86f1f6c1ad6491091b3362724acd0e28cf9db0a6efc5e812f075e3917f86dcf5649
SSDEEP

12288:GI1GY1PD65iY1dWPNCLfaDAOwlKWuU7UmFY310M:Gam5pdWPNUM5wr+uYld

Score

N/A

Malware Config

Signatures

Files

93f35b3750c84b145f8b7bd610819c456fcb070d9e25e932939cb85251f2be47
.dll windows x86

d3304b4ff48fd1ce3e0345018b21a6e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
RegisterTypeLi
SysAllocString
VarUI4FromStr
SysStringLen
UnRegisterTypeLi
LoadTypeLi

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
CryptGetKeyParam
RegEnumKeyExW
RegQueryInfoKeyW

shell32

ShellExecuteW

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
CoInitializeEx
CoCreateInstance

kernel32

InitializeCriticalSection
InterlockedExchange
GetModuleHandleA
CreateMutexW
lstrlenW
MultiByteToWideChar
SetEvent
RaiseException
GlobalAlloc
SetUnhandledExceptionFilter
CloseHandle
EnterCriticalSection
DeleteCriticalSection
ReadFile
LoadResource
Sleep
lstrcmpiW
GetVersionExA
CreateFileW
GetDateFormatA
WaitForSingleObject
UnhandledExceptionFilter
LocalAlloc
VirtualAlloc
TerminateProcess
GetTickCount
GetLastError
InterlockedCompareExchange
DeviceIoControl
QueryPerformanceCounter
GetModuleHandleW
WideCharToMultiByte
LeaveCriticalSection
LocalFree
GetModuleFileNameW
InterlockedDecrement
GetCurrentThreadId
GetSystemTimeAsFileTime
FreeLibrary
GlobalFree
InterlockedIncrement
GetCurrentProcessId

Exports

Exports

ASTFromString
BadInternalCall
GC_UnTrack
SetItem
get_compression_type
get_valid
init_mmx_flags
vExecTokenA
write_png

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3304b4ff48fd1ce3e0345018b21a6e2

Headers

File Characteristics

Imports

oleaut32

advapi32

shell32

ole32

kernel32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 156KB - Virtual size: 155KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 156KB - Virtual size: 155KB

.reloc
Size: 8KB - Virtual size: 7KB