General
-
Target
37edb3ec9a395b8967047883be3fb9e745fdb0abf13eda74f105505e56797648.bin
-
Size
840KB
-
MD5
c3584732225f46e9c9d1a03e04dae4eb
-
SHA1
2918b50ea3e17392261739bd1583e4856556a944
-
SHA256
37edb3ec9a395b8967047883be3fb9e745fdb0abf13eda74f105505e56797648
-
SHA512
89729cb5b4fef7ce42bed116257ec9a99d5f64e01c3f8d37cedd4e484f1aff05637bad74ba0f064e60f3041c0c9d93de5ae7ea6d893a827e01eaba9195a8a810
-
SSDEEP
24576:XURXaQdx39FRbms01hja2y4ytS0jPIou6A:wqQlbm9DXyttjwt6A
Malware Config
Extracted
vidar
41.1
903
https://mas.to/@bardak1ho
-
profile_id
903
Files
-
37edb3ec9a395b8967047883be3fb9e745fdb0abf13eda74f105505e56797648.bin.exe windows x86
422c1a894fb7ba8c5b29fe9ee067d2cb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalFree
HeapAlloc
GetProcessHeap
HeapFree
lstrcatA
CreateDirectoryA
FindClose
FindNextFileW
DeleteFileW
lstrcmpW
FindFirstFileW
lstrcatW
lstrcpyW
FindNextFileA
CopyFileA
FindFirstFileA
GetDriveTypeA
GetLogicalDriveStringsA
DeleteFileA
GetCurrentProcessId
SetCurrentDirectoryA
CopyFileW
CloseHandle
WriteFile
CreateFileA
MultiByteToWideChar
ReadFile
GetFileSize
GetVersionExA
GetFileSizeEx
GetCurrentDirectoryA
GetPrivateProfileSectionNamesA
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
GetProcAddress
LoadLibraryA
FreeLibrary
GetFileAttributesA
FileTimeToSystemTime
InterlockedCompareExchange
OutputDebugStringW
OutputDebugStringA
WaitForSingleObjectEx
WaitForSingleObject
UnmapViewOfFile
UnlockFileEx
UnlockFile
SystemTimeToFileTime
SetFilePointer
SetEndOfFile
QueryPerformanceCounter
MapViewOfFile
LockFileEx
LockFile
LoadLibraryW
HeapCompact
HeapValidate
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
GetVersionExW
LocalAlloc
GetTempPathW
GetTempPathA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileAttributesExW
GetFileAttributesW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
FormatMessageW
FormatMessageA
FlushFileBuffers
CreateMutexW
CreateFileMappingW
CreateFileMappingA
CreateFileW
AreFileApisANSI
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
GetComputerNameA
IsWow64Process
GetCurrentProcess
GlobalMemoryStatus
GetModuleHandleA
GetUserDefaultLocaleName
TzSpecificLocalTimeToSystemTime
GetTimeZoneInformation
GetLocaleInfoA
GetFileInformationByHandle
GetLocalTime
CompareStringW
SetStdHandle
WideCharToMultiByte
Sleep
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetConsoleMode
GetConsoleCP
SetEnvironmentVariableA
SetEnvironmentVariableW
GetModuleFileNameW
IsValidCodePage
GetOEMCP
GetACP
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetTickCount
ExitProcess
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
EncodePointer
DecodePointer
RaiseException
RtlUnwind
ExitThread
CreateThread
GetCommandLineA
HeapSetInformation
GetStartupInfoW
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
TlsAlloc
WriteConsoleW
user32
GetDesktopWindow
advapi32
GetUserNameA
shell32
SHFileOperationA
ShellExecuteA
SHGetFolderPathA
shlwapi
PathMatchSpecW
PathMatchSpecA
psapi
GetModuleFileNameExA
GetModuleBaseNameA
EnumProcessModules
wininet
DeleteUrlCacheEntry
gdiplus
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipCloneImage
GdipGetImageEncoders
GdiplusShutdown
GdipFree
GdipAlloc
GdiplusStartup
GdipDisposeImage
Sections
.text Size: 731KB - Virtual size: 731KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 97KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE