c1b5feb669c7ef80e954f05de55d4889cb8d1af7e2fa10e25380598c80106f53

General

Target

c1b5feb669c7ef80e954f05de55d4889cb8d1af7e2fa10e25380598c80106f53
Size

7KB
MD5

675d29c012c95aa5e523de3cd24a0c49
SHA1

50a44bd8bd88802c4214f33bea2a8448e51250e6
SHA256

c1b5feb669c7ef80e954f05de55d4889cb8d1af7e2fa10e25380598c80106f53
SHA512

008406ac6f13d7222598b53a893c33a83407eb2373e678bba80c2d54b855885de800af529d9fc2d8cd7c082e040d2ffc6cfdce1cc7084e9615b7cad542040d61
SSDEEP

96:sbVNgqnMLiKvZL0X1/agYW2vuH6wf70zBfWmoK560PaJzJkW2ClOLZLy9:eVNHzl/ag7fhmoKJPsmW2cOBy9

Score

N/A

Malware Config

Signatures

Files

c1b5feb669c7ef80e954f05de55d4889cb8d1af7e2fa10e25380598c80106f53
.dll windows x86

b3b2b6435fd18c93558789ac09dcba99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
VirtualAllocEx
OpenProcess
VirtualFreeEx
Sleep
WritePrivateProfileStringA
GetPrivateProfileStringA
GetSystemDirectoryA
LoadLibraryA
CreateRemoteThread
WaitForSingleObject
CloseHandle
FindClose
FindFirstFileA
ExitProcess
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter

advapi32

RegCreateKeyA
RegSetValueExA
RegCloseKey

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExA

msvcr71

_itoa
strncat
strcpy
strlen
strstr
strcat
strcmp
_beginthread
__security_error_handler
_except_handler3
_strlwr

Exports

Exports

??0Copendll@@QAE@XZ
??4Copendll@@QAEAAV0@ABV0@@Z
?fnopendll@@YAHXZ
?nopendll@@3HA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3b2b6435fd18c93558789ac09dcba99

Headers

File Characteristics

Imports

kernel32

advapi32

psapi

msvcr71

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 880B

.reloc Size: 512B - Virtual size: 446B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 512B - Virtual size: 446B