fe013acf64d5a8adab88aa3d1c0169c1d2cd359d7febe8bdc3a30af78c181704

General

Target

fe013acf64d5a8adab88aa3d1c0169c1d2cd359d7febe8bdc3a30af78c181704
Size

111KB
MD5

4bbba045ef5ae791f6ca3bd6262d6d93
SHA1

6e3f1d84ecbed6451c658d2d8e82015d3fa35f9a
SHA256

fe013acf64d5a8adab88aa3d1c0169c1d2cd359d7febe8bdc3a30af78c181704
SHA512

cc449c70268dd532116b4a8c66066e40727548b9d6ec8e08772d9c5491ba042b8764ddabaaa0191c173f007cfdfad6862b8dfac0733143cd668df901f9729d6c
SSDEEP

1536:ELREiJo7o1HeHLSui6xoxMqqU+NV23S2y9FSRc6auNsYpepqa:xUV6xoxMqqDLy/TG6abYoq

Score

N/A

Malware Config

Signatures

Files

fe013acf64d5a8adab88aa3d1c0169c1d2cd359d7febe8bdc3a30af78c181704
.dll windows x86

09e6555842f445ecdca5cb9e950aae3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisableThreadLibraryCalls
LocalAlloc
LocalFree
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
VirtualProtect
GetCurrentProcess
GetCommandLineA
RtlUnwind
GetVersion
ExitProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
HeapAlloc
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

RegCloseKey
RegSetValueExA

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09e6555842f445ecdca5cb9e950aae3a

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 60KB - Virtual size: 101KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 60KB - Virtual size: 101KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 3KB - Virtual size: 2KB