2d3418f39cb778b1c21c606c31e020729768ddf9f5a1df521edde4366d50a4fa

Sharing

Copy URL Twitter E-mail

General

Target

2d3418f39cb778b1c21c606c31e020729768ddf9f5a1df521edde4366d50a4fa
Size

1.2MB
MD5

02dc769ecda1d87e328a6d958d6010b0
SHA1

e502aa0b157439e354060a5bfd9e49509650106f
SHA256

2d3418f39cb778b1c21c606c31e020729768ddf9f5a1df521edde4366d50a4fa
SHA512

5d5758443bba111b3764cbfa798ec52904756f601686b776ccf41701c458fe67211e17c601c7529535a5ba686f080ac61c449e872225dcac58f9238dd0e363f0
SSDEEP

12288:UJ1bU27aDiFihvbAHBR1O6evpuFMNDR/XnsUKTXErXUQ9EQaIJCthi7XzdeOCAVL:7iFgTYfA6exn16bmfdpi6dvmZ/wbxQsX

Score

N/A

Malware Config

Signatures

Files

2d3418f39cb778b1c21c606c31e020729768ddf9f5a1df521edde4366d50a4fa
.exe windows x86

8c130327a0dddd181376d767fb89e7cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprAdminInterfaceDeviceGetInfo
MprAdminInterfaceDeviceSetInfo
MprAdminInterfaceDisconnect
MprAdminDeregisterConnectionNotification
MprAdminInterfaceConnect
MprAdminInterfaceGetCredentials
MprAdminBufferFree
MprAdminDeviceEnum
MprAdminGetPDCServer
MprAdminInterfaceCreate
MprAdminInterfaceGetHandle
MprAdminInterfaceDelete
MprAdminInterfaceEnum
MprAdminConnectionEnum
MprAdminGetErrorString
MprAdminConnectionClearStats
MprAdminConnectionGetInfo
MprAdminInterfaceGetInfo
MprAdminInterfaceGetCredentialsEx

kernel32

HeapCreate
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
GlobalLock
WaitForSingleObject
SetEvent
SetTapeParameters
GetTickCount
InitializeCriticalSection
GlobalAlloc
LoadLibraryW
Sleep
GetProcAddress
EnterCriticalSection
GlobalFree
CreatePipe
VirtualProtect
GetVolumeInformationW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
GetProcessHeap
GetStartupInfoW
GetCPInfo
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024KB - Virtual size: 99.7MB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c130327a0dddd181376d767fb89e7cc

Headers

File Characteristics

Imports

mprapi

kernel32

Sections

.text Size: 128KB - Virtual size: 126KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 24KB - Virtual size: 57KB

.rsrc Size: 1024KB - Virtual size: 99.7MB

.text
Size: 128KB - Virtual size: 126KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 24KB - Virtual size: 57KB

.rsrc
Size: 1024KB - Virtual size: 99.7MB