3dda3ee9164d6815a18a2c23651a53c35d52e3a5ad375001ec824cf532c202e6

Sharing

Copy URL

Twitter E-mail

General

Target

3dda3ee9164d6815a18a2c23651a53c35d52e3a5ad375001ec824cf532c202e6
Size

30KB
MD5

9478050023c7f8668df4fc39b0ddd79c
SHA1

7925725cfb04d796f497e5142cba62860fbf87a9
SHA256

3dda3ee9164d6815a18a2c23651a53c35d52e3a5ad375001ec824cf532c202e6
SHA512

74bbf45112de1bf0d51ab0295118035a7e2c2028dd9b03bb8e222b9ccf6e077014c6b5d211b9d3ebe6434a41d883bcae14a0a3e969550ef094b30b73a38514e9

Score

N/A

Malware Config

Signatures

Files

3dda3ee9164d6815a18a2c23651a53c35d52e3a5ad375001ec824cf532c202e6
.exe windows x86

0c89550c464c4d83cfa77b67633170e7

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
Process32NextW
LoadLibraryA
Process32FirstW
CloseHandle
SetVolumeMountPointW
GetProcAddress
FindVolumeClose
GetVolumePathNamesForVolumeNameW
FindNextVolumeW
GetTickCount
lstrcmpW
GetDriveTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ReadFile
GetLogicalDrives
FindFirstFileW
GetFileSizeEx
GetCommandLineW
FindNextFileW
Sleep
WaitForMultipleObjects
SetProcessShutdownParameters
FindClose
CreateMutexA
WaitForSingleObject
CreateFileW
ExitThread
SetFileAttributesW
OpenMutexA
lstrcatW
GetSystemInfo
CreateThread
SetFilePointerEx
MoveFileExW
ExitProcess
GetCurrentProcessId
lstrcpyW
lstrcmpiW
HeapFree
HeapAlloc
GetProcessHeap
ReleaseSemaphore
CreateSemaphoreA
SetUnhandledExceptionFilter
CreateToolhelp32Snapshot
OpenProcess
GetModuleHandleA
TerminateProcess
lstrlenW
GetCurrentProcess
WriteFile
FindFirstVolumeW
UnhandledExceptionFilter
IsProcessorFeaturePresent

advapi32

CryptGenRandom
EnumDependentServicesA
CloseServiceHandle
OpenSCManagerA
ControlService
QueryServiceStatusEx
OpenServiceA
CryptAcquireContextW

shell32

ShellExecuteW
CommandLineToArgvW
SHEmptyRecycleBinA

netapi32

NetShareEnum
NetApiBufferFree

rstrtmgr

RmEndSession
RmStartSession
RmGetList
RmRegisterResources

mpr

WNetGetConnectionW
WNetCloseEnum
WNetOpenEnumW
WNetEnumResourceW

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c89550c464c4d83cfa77b67633170e7

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

netapi32

rstrtmgr

mpr

Sections

.text Size: 24KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 948B

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 8B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 948B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 8B

.reloc
Size: 1KB - Virtual size: 1KB