6be4a095a0b8d21f9405c932568322061573693608d35e32a164172d57b766b8

Sharing

Copy URL Twitter E-mail

General

Target

6be4a095a0b8d21f9405c932568322061573693608d35e32a164172d57b766b8
Size

102KB
MD5

773f10afae106521fdbe108bc3ae094c
SHA1

7c5f1973485efe569a3a64d612b7350420567bf4
SHA256

6be4a095a0b8d21f9405c932568322061573693608d35e32a164172d57b766b8
SHA512

fdd3a84bb7ac7510a86a8b37917f47362f5cf5f4091e3e07fee88f3361484e3c6ab35943966071987bd36408a2c4ac54fe88bd8600bfc170c7db892c4d707c0e
SSDEEP

1536:oX8HeWc3mkDYv82CyKFrUVgeWmaOalOw6J2sc4NTySJ30sN51gPBOpvFqW4YoSg+:oXCm2CyKFrbEJ2KTtJEca0sWeS+Mr/

Score

N/A

Malware Config

Signatures

Files

6be4a095a0b8d21f9405c932568322061573693608d35e32a164172d57b766b8
.dll windows x86

cda6538821946842184ee975cca41b90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceA
GetComputerNameA
DisableThreadLibraryCalls
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
GetCurrentProcessId
FreeLibrary
GetCurrentThreadId
GetProcAddress
DeviceIoControl
GetTickCount
CloseHandle
GetVersionExW
GetLocalTime
QueryPerformanceCounter
GlobalMemoryStatus
RaiseException
WaitForSingleObject
EnterCriticalSection
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
lstrcmpW
SetLastError
GetLastError
DeleteCriticalSection
LeaveCriticalSection
LocalAlloc
LocalFree
GetCommandLineA
VirtualProtect
VirtualFree
SetEvent
VirtualAlloc

advapi32

RegCloseKey

gdi32

GetCurrentObject
SelectPalette
SetDIBColorTable
PatBlt
DeleteObject
CreateSolidBrush
SelectObject
GetNearestPaletteIndex
GetNearestColor

ole32

CoCreateInstance
CLSIDFromString

msvcr71

malloc
__CppXcptFilter
_except_handler3
mbstowcs
_stricmp
strchr
_CIpow
_onexit
_adjust_fdiv
vswprintf
_wcsnicmp
_ftol
__dllonexit
iswalnum
iswspace
iswpunct
wcslen
_amsg_exit
free
_wcsicmp
_CxxThrowException
_initterm

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cda6538821946842184ee975cca41b90

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 38KB - Virtual size: 72KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 38KB - Virtual size: 72KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB