82fe9ba42ebd5fd335497683d1ed26271767e0c412b456a191cf8ee524f11fe2

General

Target

82fe9ba42ebd5fd335497683d1ed26271767e0c412b456a191cf8ee524f11fe2
Size

608KB
MD5

70787734a702f7fef4fdf74f85374d30
SHA1

155a2ef0cf290009798a46a14d1ef9985aee4ab5
SHA256

82fe9ba42ebd5fd335497683d1ed26271767e0c412b456a191cf8ee524f11fe2
SHA512

da7a1c837885b782462c0e684cb56168652c921de2558ca241ff90a01cdc36c0ea1fcc81559036fbd5531af797ace7656724617c06f3e51048a6e439f0227dfa
SSDEEP

12288:tZPrflqwgpPHVfZ+E2e58q8th8Gv6Jah4sjlgvh/ra9G:tZPrNqwgd1Z+Egh8GyaWsjCvp

Score

N/A

Malware Config

Signatures

Files

82fe9ba42ebd5fd335497683d1ed26271767e0c412b456a191cf8ee524f11fe2
.dll windows x86

9cb5fcd71ffcfa5cecab572295b9fa42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW

shell32

SHAddToRecentDocs
DragAcceptFiles
SHGetSpecialFolderLocation
ShellExecuteW

kernel32

CreateFileW
FreeLibrary
InterlockedExchange
WideCharToMultiByte
MultiByteToWideChar
GetDateFormatA
InterlockedDecrement
InterlockedIncrement
RaiseException
LocalFree
DeleteCriticalSection
EnterCriticalSection
SetEvent
UnhandledExceptionFilter
WaitForSingleObject
LeaveCriticalSection
GetModuleHandleW
QueryPerformanceCounter
ReadFile
GetVersionExA
GetCurrentProcessId
CloseHandle
InitializeCriticalSection
GetCurrentThreadId
VirtualFree
SetUnhandledExceptionFilter
GetModuleHandleA
VirtualAlloc
GetLastError
GetModuleFileNameW
GetTickCount

Exports

Exports

AsReadBuffer
Import
Int_FromSize_t
Number_AsSsize_t
ReplaceErrors
get_sBIT
set_bKGD
set_convert_mono
set_write_fn

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cb5fcd71ffcfa5cecab572295b9fa42

Headers

File Characteristics

Imports

advapi32

shell32

kernel32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 212KB - Virtual size: 210KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 212KB - Virtual size: 210KB

.reloc
Size: 8KB - Virtual size: 7KB