ff4627594eef6f8e2fe93c42b904738253927bffb824e47c4457577c2fd9109b

Sharing

Copy URL Twitter E-mail

General

Target

ff4627594eef6f8e2fe93c42b904738253927bffb824e47c4457577c2fd9109b
Size

857KB
MD5

f61e86f3330c3ff6e8f05fdbc3ca5fca
SHA1

2171b4e6fd444082452a92af77374c265cb8d9fc
SHA256

ff4627594eef6f8e2fe93c42b904738253927bffb824e47c4457577c2fd9109b
SHA512

2cdc75745a564c54699a0ce6407e2ce127af59790c2d6798d3794d2ee299e0731db39fed1560d79a835b567287ebe89e818df1bb34d61daa74536c4a3cc21544
SSDEEP

24576:dl9t5Mj56Z6rE4OE7j4COnUv9KRxMYyg0SHZF0v2X:dXv46k3DPAlZNX

Score

N/A

Malware Config

Signatures

Files

ff4627594eef6f8e2fe93c42b904738253927bffb824e47c4457577c2fd9109b
.dll windows x86

70db240b5de637e88147a5defb0b37c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetLastError
ReadFile
HeapFree
EnterCriticalSection
WriteFile
GetPrivateProfileIntW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
SetFilePointer
CreateFileW
TlsAlloc
CloseHandle
RaiseException
LoadLibraryW
HeapAlloc
GetProcAddress
DeleteCriticalSection
GetProcessHeap
FreeLibrary
TlsFree
TlsGetValue
GetFileSize
GetFullPathNameW
TlsSetValue
GetModuleHandleW
GetCurrentProcessId
GetModuleHandleExW
DeviceIoControl
InitializeCriticalSection
GetModuleFileNameA
LoadLibraryA
FormatMessageA
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
SetLastError
Sleep
GetSystemTimeAsFileTime
GetTickCount
LoadLibraryExW
GetVersion
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
OpenThread
GetCurrentThreadId
CreateMutexW
WaitForSingleObject
ReleaseMutex
HeapWalk
HeapUnlock
HeapLock
SetFilePointerEx
GetFileSizeEx
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateFileA
OutputDebugStringW
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
QueryPerformanceCounter

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
memmove
??_V@YAXPAX@Z
??_U@YAPAXI@Z
exit
free
wcsrchr
towlower
_vsnwprintf
_wcsicmp
strchr
ftell
freopen
ferror
fopen
fclose
realloc
fseek
fgetc
getc
fprintf
ungetc
feof
strstr
fread
strrchr
strerror
malloc
strtoul
fputs
isspace
getenv
setlocale
clock
remove
_mktime64
strftime
_gmtime64
rename
tmpnam
_localtime64
strpbrk
toupper
isupper
tolower
isalpha
strncpy
isxdigit
isalnum
sprintf
iscntrl
memchr
ispunct
isdigit
islower
modf
srand
rand
ldexp
frexp
fflush
clearerr
_pclose
fgets
tmpfile
fwrite
setvbuf
_popen
longjmp
strtod
strcspn
strncat
strcoll
localeconv
memset
abort
wcsncmp
ceil
_setjmp3
_CItanh
_CItan
_CIsqrt
_CIsinh
_CIsin
_CIpow
_CIlog10
memcpy
_lseeki64
_lock
_unlock
_amsg_exit
_iob
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
_CxxThrowException
memcmp
swscanf
_vsnprintf
__dllonexit
_onexit
??1type_info@@UAE@XZ
_XcptFilter
_initterm
_CIlog
mbtowc
__mb_cur_max
isleadbyte
_snprintf
_itoa
wctomb
_CIfmod
__badioinfo
__pioinfo
_fileno
_write
_isatty
fscanf
?terminate@@YAXXZ
_wcslwr
_errno
__CxxFrameHandler
system
_wcsnicmp
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
floor

Exports

Exports

get_lua_env_dispatch
get_lua_raw_dispatch

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qihoo0
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70db240b5de637e88147a5defb0b37c9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 210KB - Virtual size: 210KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 9KB - Virtual size: 13KB

.qihoo0 Size: 566KB - Virtual size: 566KB

.reloc Size: 10KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 210KB - Virtual size: 210KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 9KB - Virtual size: 13KB

.qihoo0
Size: 566KB - Virtual size: 566KB

.reloc
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB