f2397e06b5140b2c7f338662720ae0046a2b4b32c18bb10f687557599905d281

General

Target

f2397e06b5140b2c7f338662720ae0046a2b4b32c18bb10f687557599905d281
Size

558KB
MD5

31b1d1cd0dca5be557adb62564985170
SHA1

aef367337c52b501bed2320b2d02c250e9d2dccb
SHA256

f2397e06b5140b2c7f338662720ae0046a2b4b32c18bb10f687557599905d281
SHA512

4e20ce6ce7036b9ba5471719c6c93b33565302461325f6a175dfbfce13fc20e6d654e117aeb87b74e416907688a1c48d28352526413db427204223d58192aa53
SSDEEP

6144:cb5gOmnRtXj33EuGRaFbS9IwFFLIsr8kD6YnKVcePXMRVwlLAl7HkzDZR:cFg5RFjnpG6S9DIsrbWBamH9aL0

Score

N/A

Malware Config

Signatures

Files

f2397e06b5140b2c7f338662720ae0046a2b4b32c18bb10f687557599905d281
.dll windows x86

35adf47dbcc03e385ac045be7aeee5e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msjet40

ord177

kernel32

GetComputerNameA
GetTempPathA
GetFullPathNameA
GetModuleHandleA
IsDBCSLeadByte
GetLastError
GetFileType
GetFileSize
ReadFile
SetFilePointer
WriteFile
FlushFileBuffers
SetEndOfFile
LockFile
UnlockFile
GlobalSize
GetTickCount
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
VirtualAlloc
VirtualFree
GetCurrentThreadId
GetProcAddress
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
DisableThreadLibraryCalls
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
DeleteFileA
CreateFileA
GetTempFileNameA
LoadLibraryA
GetModuleFileNameW
VirtualProtect
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalUnlock
GlobalFree
CloseHandle

advapi32

RegCloseKey
RegDeleteKeyA
RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA
RegSetValueExW

Exports

Exports

ServiceMain
DllUnregisterServer

Sections

.text
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35adf47dbcc03e385ac045be7aeee5e8

Headers

File Characteristics

Imports

msjet40

kernel32

advapi32

Exports

Exports

Sections

.text Size: 252KB - Virtual size: 250KB

.data Size: 144KB - Virtual size: 144KB

.rsrc Size: 140KB - Virtual size: 136KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 252KB - Virtual size: 250KB

.data
Size: 144KB - Virtual size: 144KB

.rsrc
Size: 140KB - Virtual size: 136KB

.reloc
Size: 8KB - Virtual size: 6KB