c657e4055798cf6d65190cf861bf6259565e91d54a932ed690762e6c3cbe558c

Sharing

Copy URL Twitter E-mail

General

Target

c657e4055798cf6d65190cf861bf6259565e91d54a932ed690762e6c3cbe558c
Size

306KB
MD5

294e5591a31759d9fb2024e4b454a2d4
SHA1

3fc0ae86975b30b01787ff46dfb778d0315d59ec
SHA256

c657e4055798cf6d65190cf861bf6259565e91d54a932ed690762e6c3cbe558c
SHA512

5c26c9eacbbe0be2d03dfcc5bc9951fe550a4dbc8ff669afe246899f324c44536123404b134de918a06768dc8c50cb014296cc2f1a4322edf5437b5732234264
SSDEEP

6144:ObsvxsWrUg4PX+iFSzAnl/8NJ9P0CLezZqjQHsYeBIZ7Ct3gzh4WDbTJ0tW3Uox:2s+hEsEvBI7Cte4WL0Gx

Score

N/A

Malware Config

Signatures

Files

c657e4055798cf6d65190cf861bf6259565e91d54a932ed690762e6c3cbe558c
.dll windows x86

52f4302ab663bdcbf88fa3000657f312

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
DeregisterEventSource

kernel32

CloseHandle
DebugBreak
DeleteCriticalSection
DeleteTimerQueueTimer
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FlushFileBuffers
FormatMessageA
FormatMessageW
GetACP
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetFileSize
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessPriorityBoost
GetProcessVersion
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GlobalAlloc
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapReAlloc
HeapUnlock
HeapWalk
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalReAlloc
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReadFile
RtlUnwind
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile

oleaut32

SysAllocString
VarBstrFromCy
VarCyFromI2
VarI4FromI1
VarUI2FromUI4
VariantInit

ole32

CoInitializeEx
CoTaskMemFree
CLSIDFromString

Exports

Exports

AddPicture2
EnumTvValueNext
GetDevice
GetLastError
Launch
Malloc
MemGetInfo
Memcpy2DToArray
ReadDevParamFromRAW
ReflectParamValues

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52f4302ab663bdcbf88fa3000657f312

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

oleaut32

ole32

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 512B - Virtual size: 138KB

.rsrc Size: 149KB - Virtual size: 149KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 512B - Virtual size: 138KB

.rsrc
Size: 149KB - Virtual size: 149KB

.reloc
Size: 2KB - Virtual size: 2KB