e17ac3ae41107f94f90015c4690f466e0a662cf5866b45c154f4bfe16a6b4431

Sharing

Copy URL Twitter E-mail

General

Target

e17ac3ae41107f94f90015c4690f466e0a662cf5866b45c154f4bfe16a6b4431
Size

668KB
MD5

75667a21b1880a19a8c7e86cc52eee50
SHA1

7312b54bd45550a8946cdadd96a09d0658f3c1af
SHA256

e17ac3ae41107f94f90015c4690f466e0a662cf5866b45c154f4bfe16a6b4431
SHA512

906ac560a6c750dc3dfbe921b3e39a10f991fa6df05c4bb48d33cae6c537e9a847fe20d3df048af6df42df4a4987bc5f8b5972a96f76f3daa5f794f800596306
SSDEEP

12288:YXdoqEplP+HeOhxlpbpFBokFQDDiG83bMd9NE0J:BNP0tSW/SEW

Score

N/A

Malware Config

Signatures

Files

e17ac3ae41107f94f90015c4690f466e0a662cf5866b45c154f4bfe16a6b4431
.exe windows x86

cf555adbd54da58572363b3acf4e421f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

tier0

AssertValidStringPtr
Plat_IsInDebugSession
_AssertValidWritePtr
_AssertValidReadPtr
?Lock@CThreadFastMutex@@ACEXII@Z
Warning
?DevMsg@@YAXPBDZZ
InstallProgressReportHandler
CommandLine_Tier0
GetThreadedLoadLibraryFunc
StackToolsNotify_LoadedLibrary
Plat_FloatTime
Error
g_pMemAlloc
GetCPUInformation
ThreadWaitForObjects
ReleaseThreadHandle
CreateSimpleThread
?DevWarning@@YAXPBDZZ

kernel32

QueryPerformanceCounter
CreateFileMappingA
LoadLibraryExA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
CreateFileA
ReadFile
SetFilePointer
CloseHandle
GetProcAddress
GetModuleHandleA
ExitProcess
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetDriveTypeA
GetLastError
GetFullPathNameA
GetCurrentDirectoryA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FreeLibrary
LoadLibraryA
InitializeCriticalSection
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
Sleep
HeapSize
RtlUnwind
GetLocaleInfoA
VirtualAlloc
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

vstdlib

KeyValuesSystem

Exports

Exports

CreateInterface
cvar
g_pCVar

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oli
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 496KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf555adbd54da58572363b3acf4e421f

Headers

File Characteristics

Imports

tier0

kernel32

vstdlib

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 12KB - Virtual size: 84KB

.oli Size: - Virtual size: 1B

.vmp0 Size: 496KB - Virtual size: 1.6MB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 84KB

.oli
Size: - Virtual size: 1B

.vmp0
Size: 496KB - Virtual size: 1.6MB