3a925d2b08c34bd40c37e14ab6443cf9e0c688bbc0efe87584429cb3d7fe151f

Sharing

Copy URL Twitter E-mail

General

Target

3a925d2b08c34bd40c37e14ab6443cf9e0c688bbc0efe87584429cb3d7fe151f
Size

102KB
MD5

5ad0d0a67dd0debdeb781419c9f0b567
SHA1

1cd576ee005bfea8d9b95ea8cea52efd902599d3
SHA256

3a925d2b08c34bd40c37e14ab6443cf9e0c688bbc0efe87584429cb3d7fe151f
SHA512

c748121a91c2c632b186060ccfe9b0857de2da41760640e7ff32cf26de0351166ef9661a9d5e5ef20640a8037cd53e183d8dfff5b6bbc2dc0332a571832bf801
SSDEEP

1536:YsjL2boRLz9iiQxyEKaoLxq3gxfA9ZFjAmv7Iqrym6BRoPD7TKk:Fh1mysjQtAFjDFJwRobK

Score

N/A

Malware Config

Signatures

Files

3a925d2b08c34bd40c37e14ab6443cf9e0c688bbc0efe87584429cb3d7fe151f
.dll windows x86

102e9d9ae59c422376b308bb9d666987

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnwind
RtlCreateSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlInitUnicodeString
RtlDosPathNameToNtPathName_U
NtCreateFile
RtlFreeUnicodeString
NtClose
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlUnicodeStringToInteger

kernel32

CloseHandle
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
GetCPInfo
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapCreate
HeapAlloc
HeapFree
HeapReAlloc
MultiByteToWideChar
WideCharToMultiByte
SetLastError
ReleaseMutex
WaitForSingleObject
SetFilePointer
GetLastError
GetEnvironmentVariableW
lstrlenW
GetSystemWindowsDirectoryW
CreateMutexA
VirtualProtect
InitializeCriticalSectionAndSpinCount
GetSystemInfo
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
IsBadCodePtr
TlsSetValue
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TlsFree
TlsGetValue
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
WriteFile
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP

Exports

Exports

GetHookAPIs
NotifyShims

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

102e9d9ae59c422376b308bb9d666987

Headers

File Characteristics

Imports

ntdll

kernel32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.data Size: 67KB - Virtual size: 74KB

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 28KB

.data
Size: 67KB - Virtual size: 74KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 4KB - Virtual size: 4KB