634349ea341dad1d3b43986a5a2c5153be72f3076173576c7ee0a6e880071fcc

General

Target

634349ea341dad1d3b43986a5a2c5153be72f3076173576c7ee0a6e880071fcc
Size

400KB
MD5

d92ef82d4a3a6b37e09076753a664b40
SHA1

1ddcd9b7d0594b926f74139c9f318bdb99e3f3d2
SHA256

634349ea341dad1d3b43986a5a2c5153be72f3076173576c7ee0a6e880071fcc
SHA512

01a31438879a31b799711cc203c5bfa8fc846e04877ea1834eb368b40213027389f20bedcc4a6be10714d77e431be56d42619b156abc4af23dc2f33da649677d
SSDEEP

6144:isQnhv694pZMivjmAl4/yZ/GXV6HWiZiEto+ryzFr+gxW9S:iVnI94pmiLmX/0WOpK++zR+giS

Score

N/A

Malware Config

Signatures

Files

634349ea341dad1d3b43986a5a2c5153be72f3076173576c7ee0a6e880071fcc
.dll windows x86

5e0d9c03b0fec9376bbb5e1f4dc02ef4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
EnterCriticalSection
InterlockedIncrement
WideCharToMultiByte
GetCurrentThreadId
GetModuleFileNameW
FreeLibrary
InterlockedDecrement
ReadFile
InitializeCriticalSection
GetModuleHandleA
CloseHandle
GetDateFormatA
RaiseException
GetLastError
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
CreateFileW
MultiByteToWideChar
UnhandledExceptionFilter
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
GetVersionExA
LeaveCriticalSection
GetTickCount
LocalFree
WaitForSingleObject

shell32

DragAcceptFiles
SHGetSpecialFolderLocation
ShellExecuteW
SHAddToRecentDocs

advapi32

RegQueryValueExW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

Exports

Exports

BufferError
Instance_New
Long_FromLongLong
ParseFileFlags
RealAsDouble
get_y_offset_microns

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e0d9c03b0fec9376bbb5e1f4dc02ef4

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 177KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 80KB - Virtual size: 78KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 80KB - Virtual size: 78KB

.reloc
Size: 8KB - Virtual size: 7KB