71f04bfcec83a7a61d023567c4eb27d273047daa20a9d2dd3b1dfc7f449462a8

General

Target

71f04bfcec83a7a61d023567c4eb27d273047daa20a9d2dd3b1dfc7f449462a8
Size

93KB
MD5

fc8da79a25f1dff27e386206d8a490ec
SHA1

01adf3ef0d045cf9cb463a06452a8ce84d7a5bfe
SHA256

71f04bfcec83a7a61d023567c4eb27d273047daa20a9d2dd3b1dfc7f449462a8
SHA512

5309639c228903274678e5e9c772517ad55297fc564bb2630a441cb032eab2c234bb7d3d16ea1751f30023f14343e3843d9a040ba65c90f05d3dff7039c9ca1a
SSDEEP

1536:4GBjIAUTGBmqenv/vzHYQhAJ9bYrLFhhIsdm8ZACymBHzvXNqYJt:1IAzBmvnvDzirEhHtdXymBTMEt

Score

N/A

Malware Config

Signatures

Files

71f04bfcec83a7a61d023567c4eb27d273047daa20a9d2dd3b1dfc7f449462a8
.exe windows x86

1a9ea53f5f7069d47bf1ab8a9f03dd9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
wcscpy
rand
__setusermatherr
_initterm
__winitenv
exit
__p__commode
_adjust_fdiv
_pctype
_errno
__wgetmainargs

ntdll

NtTerminateProcess
NtWaitForMultipleObjects
_wcsupr
NtQueryInformationFile
wcsncmp
sprintf
RtlFreeHeap
RtlUnicodeToOemN
RtlRaiseStatus
RtlAddAccessAllowedAce
RtlAnsiStringToUnicodeString
RtlAddAce

kernel32

GetFileType
LocalAlloc
GetVersionExA
lstrcatW
GetCommandLineA
LoadLibraryA
lstrcpyA
GetModuleHandleA
OpenProcess
UnhandledExceptionFilter
GetDriveTypeW
SetStdHandle
GetCurrentProcess
SetEvent
GetSystemDirectoryA
GetFullPathNameW
ResetEvent

ulib

??1PROGRAM@@UAE@XZ
??1ARRAY@@UAE@XZ
?SetAttributes@FSN_FILTER@@QAEEKKK@Z
?PutSeparators@ARGUMENT_LEXEMIZER@@QAEXPBD@Z
?PrepareToParse@ARGUMENT_LEXEMIZER@@QAEEPAVWSTRING@@@Z
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?DisplayMessage@PROGRAM@@UBAEKW4MESSAGE_TYPE@@PADZZ
??1PATH_ARGUMENT@@UAE@XZ
?Initialize@PATH_ARGUMENT@@QAEEPADE@Z
?Usage@PROGRAM@@UBEXXZ
??0FSN_FILTER@@QAE@XZ
??1STRING_ARGUMENT@@UAE@XZ
?ValidateVersion@PROGRAM@@UBEXKK@Z
?Display@MESSAGE@@QAAEPBDZZ
?Initialize@WSTRING@@QAEEPBDK@Z
??0PROGRAM@@IAE@XZ
?Put@ARRAY@@UAEEPAVOBJECT@@@Z
??0LONG_ARGUMENT@@QAE@XZ
??1STREAM_MESSAGE@@UAE@XZ

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a9ea53f5f7069d47bf1ab8a9f03dd9c

Headers

File Characteristics

Imports

msvcrt

ntdll

kernel32

ulib

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 47KB - Virtual size: 47KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 47KB - Virtual size: 47KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB