qtvxovyrc
Static task
static1
Behavioral task
behavioral1
Sample
4c496f9869cbf10e34818c462d4bf9873e32c81228602a3e48cca050d52ca67b.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
4c496f9869cbf10e34818c462d4bf9873e32c81228602a3e48cca050d52ca67b.dll
Resource
win10v2004-20221111-en
General
Target
4c496f9869cbf10e34818c462d4bf9873e32c81228602a3e48cca050d52ca67b
Size
64KB
MD5
7447d70be2ae2f3fca4c8ba4e0b467e0
SHA1
d967f9eb3d26f8639b3ba3ed23925dfdc05d68b4
SHA256
4c496f9869cbf10e34818c462d4bf9873e32c81228602a3e48cca050d52ca67b
SHA512
0890e05e25865e6ac339a405a76e2b96ef5fc9336efa6b052f420acf10f956706cb0e9b6bf4662ec3f9cff15f9a67311c8e1974fbd7ae755a1c81c961c9d601f
SSDEEP
768:0L0BCImOi83mN0No6GzmK2xqkSyOhJ666n9Kc459lqgEHNa1Nwk3+43ppI0:0ABCIm0WN0NRTMakcy+mdO4D
Malware Config
Signatures
Files
4c496f9869cbf10e34818c462d4bf9873e32c81228602a3e48cca050d52ca67b.dll windows x86
86a939c5b40335562ba3d68cd69b14e4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Beep
FreeLibrary
GetModuleFileNameA
GetProcAddress
lstrcmpA
GetTimeFormatW
GetSystemDefaultLangID
GetVersionExA
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
SetLastError
LockResource
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
LoadResource
lstrlenA
WaitForSingleObject
IsBadReadPtr
ReleaseMutex
CompareFileTime
CloseHandle
EnterCriticalSection
SystemTimeToFileTime
LeaveCriticalSection
GetLastError
Sleep
GetSystemTime
lstrcpynA
AreFileApisANSI
GetTickCount
GetUserDefaultLCID
LocalAlloc
GetLocaleInfoW
LocalReAlloc
GetCurrentProcess
LocalFree
DeleteFileW
ExpandEnvironmentStringsA
DeleteFileA
LoadLibraryA
LoadLibraryW
CreateProcessA
CreateProcessW
CreateMutexA
CreateMutexW
SearchPathA
SearchPathW
SetFileAttributesA
SetFileAttributesW
FindResourceA
FindResourceW
GetDateFormatW
GetTimeFormatA
ExpandEnvironmentStringsW
GetDateFormatA
HeapAlloc
GetProcessHeap
HeapFree
FreeResource
secur32
DecryptMessage
ExportSecurityContext
AddCredentialsW
SaslEnumerateProfilesW
AddSecurityPackageA
DeleteSecurityContext
RevertSecurityContext
InitializeSecurityContextA
AddSecurityPackageW
AcquireCredentialsHandleA
AcceptSecurityContext
QueryCredentialsAttributesA
SaslGetProfilePackageW
SaslIdentifyPackageA
InitSecurityInterfaceA
EnumerateSecurityPackagesW
SaslEnumerateProfilesA
ImportSecurityContextW
MakeSignature
EncryptMessage
CompleteAuthToken
Exports
Sections
.text Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 936B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 528B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ