61c789b4e5a03c317d48d4049ba01047eccfcda4b837e4bcccc7333fc4d8173e

Sharing

Copy URL Twitter E-mail

General

Target

61c789b4e5a03c317d48d4049ba01047eccfcda4b837e4bcccc7333fc4d8173e
Size

376KB
MD5

be13becd1e63fb36c2561a5d2799ea3f
SHA1

eb22bdc0d58a2bd0f53ad3eb9d5f8ddc1f31c60d
SHA256

61c789b4e5a03c317d48d4049ba01047eccfcda4b837e4bcccc7333fc4d8173e
SHA512

0e11d4a4f483d8eab99d6e03439f995f1ac1226e2183f876e4f1de3cac9d7120a4be486c8ae4bad92d716fa3088dd46189ef33fed1e3b8c8ac214ecf63d79e45
SSDEEP

6144:wC9Dkfew/K3Qjh4YfngVFPzZaucciidF/RqqDLuy03oWDUw7E6148+sjT0Y:wC9Afew/K3Qj3fgVFqcirqnunZg614Sz

Score

N/A

Malware Config

Signatures

Files

61c789b4e5a03c317d48d4049ba01047eccfcda4b837e4bcccc7333fc4d8173e
.dll windows x86

65a28adf8994043032e50fe57db4a66b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

MultiByteToWideChar
GetLastError
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
lstrlenA
CloseHandle
InterlockedExchange
GetSystemDirectoryA
SetEvent
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
CreateEventA
SetThreadPriority
GetCurrentThread
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedIncrement
InterlockedDecrement
GlobalMemoryStatus
GetDiskFreeSpaceA
GetEnvironmentStringsW
GetEnvironmentStrings
GetLocalTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapDestroy
SetUnhandledExceptionFilter
HeapReAlloc
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeviceIoControl
GetVersionExA
GetModuleHandleW
InterlockedCompareExchange
HeapSize
HeapFree
GetProcessHeap
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
Sleep
GetModuleHandleA
LoadLibraryA
GetProcAddress
IsProcessorFeaturePresent

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

msvcr71

strncpy
_strnicmp
rand
srand
memset
memcpy
_vsnprintf
realloc
_CIpow
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
strtoul
strchr
_purecall
memmove
wcslen
??0exception@@QAE@ABV0@@Z
??_U@YAPAXI@Z
??_V@YAXPAX@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
_CxxThrowException
_except_handler3
free
malloc

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

CanUnload
RMACreateInstance

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65a28adf8994043032e50fe57db4a66b

Headers

File Characteristics

Imports

ole32

version

kernel32

advapi32

msvcr71

msvcp71

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 196KB - Virtual size: 195KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 196KB - Virtual size: 195KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 11KB