f3a2ba570c2f444e401590c35e2f34ac08d518c24dee0ee38f371a9ddb55df5a

Sharing

Copy URL Twitter E-mail

General

Target

f3a2ba570c2f444e401590c35e2f34ac08d518c24dee0ee38f371a9ddb55df5a
Size

237KB
MD5

73ba46fee9e96670c8e86defb3807046
SHA1

d9b3c0c1e88412d036169ea299759b710cbef773
SHA256

f3a2ba570c2f444e401590c35e2f34ac08d518c24dee0ee38f371a9ddb55df5a
SHA512

ce6bc4c747f19892ca5180b481654ade7e8bd147d4e48ce59af9ccf5ea1b7ce449b3ccecaef3b52ff67dde936fe8088098fb63a287038f0e652a7f27ee3fc7c4
SSDEEP

6144:3E4NagAvCQOyTQbXs+DKN9Uqn0Sc4StS6:3ENJXOyTQbtQZTcs6

Score

N/A

Malware Config

Signatures

Files

f3a2ba570c2f444e401590c35e2f34ac08d518c24dee0ee38f371a9ddb55df5a
.exe windows x86

132c1b54bb4e9bcac3e912338a8da1a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

pdh

PdhComputeCounterStatistics
PdhBindInputDataSourceW
PdhUpdateLogFileCatalog
PdhEnumObjectsHW
PdhTranslate009CounterA
PdhParseCounterPathW
PdhExpandCounterPathW
PdhConnectMachineA
PdhSetQueryTimeRange
PdhEnumLogSetNamesW
PdhGetDefaultPerfCounterHW
PdhGetDefaultPerfCounterHA
PdhGetLogFileTypeW
PdhLookupPerfIndexByNameA
PdhEnumObjectsHA
PdhLookupPerfNameByIndexA
PdhOpenLogW
PdhAddCounterA
PdhUpdateLogW
PdhGetLogFileTypeA
PdhEnumLogSetNamesA
PdhGetRawCounterValue
PdhRemoveCounter
PdhGetDefaultPerfObjectHW
PdhGetLogSetGUID
PdhEnumMachinesHW
PdhOpenLogA
PdhRelogA
PdhValidatePathW
PdhParseInstanceNameW
PdhTranslate009CounterW
PdhBrowseCountersA
PdhOpenQueryA
PdhAdd009CounterA
PdhGetDefaultPerfObjectA
PdhEnumMachinesA
PdhVerifySQLDBW

crtdll

_mbstok
__isascii
_mbsrchr
ceil
_write
ldiv
_amsg_exit
memcpy
_CIcosh
_chmod
_tempnam
wcstok
strrchr
_fileinfo_dll
_onexit
_mbsnset
memchr
tolower
memcmp
_pipe
_cpumode_dll
wcsstr
_getche
fgetc
fopen
_wtol
__toascii
wcsncat
_memccpy
_winver_dll
realloc
_sys_errlist
_strcmpi
_fileno
_stat
_heapchk
_spawnl
wcschr
_filelength
strstr
fabs
iswascii
isalnum
_strncnt
_mbsninc
_msize
_ismbcprint
frexp
_lrotr
_mbsspnp
_mbscmp
_strnextc
_ismbclegal
clearerr
_spawnv
_ismbbprint
_mbctoupper
_mbsnbcmp
_yn
_mbscpy
_mbsspn
freopen
sprintf
rewind
_mbsrev
rename
_ismbbkalnum
wcspbrk
_chdrive
isupper
pow
mktime
_strspnp
_stricmp
_mbsdec
ungetc
qsort
_mbsnbcat
_mbsncpy
_chgsign
_splitpath
_chsize
_beep
log
_osminor_dll
_mbsncmp
_abnormal_termination
_baseversion_dll
_osversion_dll
iswctype
iswlower
_mbslwr
_getdrives
_spawnlp
_CIsinh
mblen
_timezone_dll
memmove
fwscanf
_itoa
_copysign
clock
vfprintf
_rmdir
_strerror
iswalpha
_strdup
_strninc
wctomb
_pgmptr_dll
_tell
wcsxfrm
_getw
_wcsnset
strtoul
wcstombs
cos
_toupper
rand
_baseminor_dll
isprint
printf
_osmode_dll
_ftime
wcsncpy

kernel32

LockResource
GetEnvironmentVariableW
CloseHandle
LocalAlloc
WideCharToMultiByte
GetTapeParameters
ExpandEnvironmentStringsW
GetSystemDirectoryW
SetErrorMode
LoadLibraryA
GlobalFree
GetVersionExW
CreateEventW
SetEvent
FileTimeToSystemTime
GetVersionExW
GetDriveTypeW
VirtualFree
CreateProcessW
LockFile
QueryPerformanceCounter
InitializeCriticalSection
ReadFile
Sleep
LocalFree
GetWindowsDirectoryW
VirtualAlloc
FreeLibrary
GetSystemTimeAsFileTime
GetUserDefaultLCID
SetPriorityClass
DeleteFileW
LocalFree
GetPriorityClass
GetCompressedFileSizeW
SetTapeParameters
GetFileSize
ReleaseMutex
SetEndOfFile

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

132c1b54bb4e9bcac3e912338a8da1a6

Headers

DLL Characteristics

File Characteristics

Imports

pdh

crtdll

kernel32

Sections

.text Size: 78KB - Virtual size: 78KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 137KB - Virtual size: 692KB

.text
Size: 78KB - Virtual size: 78KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 137KB - Virtual size: 692KB