5c8e0fff777b241814782b6df3298bbb03ef25203ccffc5a2f806b17ab18540a

Sharing

Copy URL Twitter E-mail

General

Target

5c8e0fff777b241814782b6df3298bbb03ef25203ccffc5a2f806b17ab18540a
Size

388KB
MD5

75c8eb0b035a3f858a209b084a585e80
SHA1

6969fee291f3e35fcfcf87dd8f9a720d4b8355d7
SHA256

5c8e0fff777b241814782b6df3298bbb03ef25203ccffc5a2f806b17ab18540a
SHA512

a7dddcab31edbf3e7bfadedaf26905263acbefa9815a2caba984c6e8b896ac71806950b82595085e6debbf79e6692ccaf3b5e2065ede9e1aa41496d91d790659
SSDEEP

6144:eANqT0qtLSYVAEN+AsLQZjdcu1kBfaG61Plv9FZO4i2:oFdwg+Kv7kFOnZOW

Score

N/A

Malware Config

Signatures

Files

5c8e0fff777b241814782b6df3298bbb03ef25203ccffc5a2f806b17ab18540a
.dll windows x86

d2b805ddd68eca93224b2002a49874fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCloseKey
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW

oleaut32

LoadTypeLi
SysFreeString
UnRegisterTypeLi
SysAllocString
VarUI4FromStr
RegisterTypeLi
SysStringLen

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoInitializeEx
CoTaskMemRealloc
OleCreateFromFile

kernel32

GetExitCodeThread
WideCharToMultiByte
InterlockedIncrement
LoadResource
ReleaseMutex
QueryPerformanceCounter
InitializeCriticalSection
GetCurrentProcessId
GetThreadLocale
Sleep
GetSystemTimeAsFileTime
lstrcmpiW
CreateEventW
MultiByteToWideChar
GetLastError
CreateFileW
CloseHandle
LocalAlloc
DeleteCriticalSection
LocalFree
InterlockedExchange
WaitForSingleObject
ReadFile
GetModuleFileNameW
LeaveCriticalSection
ResetEvent
GetModuleHandleA
WaitForMultipleObjects
VirtualAlloc
GetVersionExA
EnterCriticalSection
RaiseException
GlobalFree
DeviceIoControl
CreateMutexW
GlobalAlloc
InterlockedDecrement
GetModuleHandleW
SetUnhandledExceptionFilter
GetDateFormatA
InterlockedCompareExchange
SetEvent
FreeLibrary
lstrlenW
GetCurrentThreadId
TerminateProcess
CreateWaitableTimerW
UnhandledExceptionFilter
GetTickCount

Exports

Exports

InPlaceDivide
Instance_NewRaw
NotImplementedError
Proxy_Type
SetFromWindowsErr
WriteObjectToFile
vSetTargetMPath
write_init_3

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2b805ddd68eca93224b2002a49874fd

Headers

File Characteristics

Imports

advapi32

oleaut32

ole32

kernel32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 68KB - Virtual size: 67KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 68KB - Virtual size: 67KB

.reloc
Size: 8KB - Virtual size: 7KB