8c73ff1abba639645e8bc479c958494b960e712e2af8b1c021fedb91ed410f34

General

Target

8c73ff1abba639645e8bc479c958494b960e712e2af8b1c021fedb91ed410f34
Size

48KB
MD5

fddb365c7cfdeb409067243a3be02640
SHA1

e1ed166e85f0c923ae60662d8e0f1ee7b0c8fcc1
SHA256

8c73ff1abba639645e8bc479c958494b960e712e2af8b1c021fedb91ed410f34
SHA512

6ab2df8d043ec8a64eca1b05773f743910ccfd167f1bbbc690181c28f58996f406f82f3a9e8f794981748e6fc6e587b89ee72d4047743282265db5c23a8ca5bd
SSDEEP

768:AstEYihaSGl7gmXFltONamufL9tXIRorq7xqKd+NTld6ill0cbXA2:xtIhaSa7RltO4mufJxIzxqx+Wl0s1

Score

N/A

Malware Config

Signatures

Files

8c73ff1abba639645e8bc479c958494b960e712e2af8b1c021fedb91ed410f34
.dll windows x86

e8360ccf4b4e20aa61b2c9611dcd1495

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32First
Module32Next
VirtualQuery
VirtualProtect
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetModuleFileNameA
ExitProcess
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InterlockedExchange
HeapFree
HeapAlloc
VirtualAlloc
GetSystemInfo
LCMapStringA
GetLastError
LCMapStringW
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetLocaleInfoA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
InitializeCriticalSection
HeapSize

advapi32

RegCreateKeyA
RegCreateKeyW
RegCreateKeyExA
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueA
RegQueryValueW
RegQueryValueExW
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8360ccf4b4e20aa61b2c9611dcd1495

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 3KB