bff1b88ba5005c486a33eb1c16dbb1686cfe0ff2e30842ace729c2e7a1a9bfaf

Sharing

Copy URL Twitter E-mail

General

Target

bff1b88ba5005c486a33eb1c16dbb1686cfe0ff2e30842ace729c2e7a1a9bfaf
Size

34KB
MD5

05d4217faff45c79e8704b38e14a5a3b
SHA1

cd822499e0c69de1a59a164734d5e74f109fd229
SHA256

bff1b88ba5005c486a33eb1c16dbb1686cfe0ff2e30842ace729c2e7a1a9bfaf
SHA512

d2e5f32d6347138e315a7a4dbccb432609c3d565687716570784d28e2a28c29bfc76b171f024de9409bc3a4b184c6cc0c89eb565a76caa888c664e8e6e9a6d1d
SSDEEP

768:zx54Ee4kns5xqQU5jkfkcVmB1B+BGBnBvBwB:2zDHk8B5u

Score

N/A

Malware Config

Signatures

Files

bff1b88ba5005c486a33eb1c16dbb1686cfe0ff2e30842ace729c2e7a1a9bfaf
.exe windows x86

e544d9b5542eada7b7e5e36f539d7ad0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
Sleep
LoadLibraryExW
GetModuleHandleW
GetCommandLineW
FormatMessageW
FreeLibrary
CreateEventW
WaitForSingleObject
CloseHandle
SetThreadPriority
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA

advapi32

LookupAccountSidW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
NotifyChangeEventLog
OpenEventLogW
GetOldestEventLogRecord
GetNumberOfEventLogRecords
CloseEventLog
ReadEventLogW

shlwapi

PathFileExistsW

mfc71u

ord265
ord6284
ord5319
ord5621
ord1430
ord3382
ord629
ord266
ord757
ord3990
ord577
ord774
ord4100
ord2261
ord5342
ord5091
ord870
ord2311
ord293
ord280
ord1479
ord2895
ord6111
ord282
ord2926
ord1472
ord283
ord287
ord5711
ord2697
ord776
ord4101
ord6166
ord6172
ord5485
ord5558
ord899
ord777
ord4026
ord6173
ord896
ord5083
ord1197
ord566
ord764
ord557
ord745
ord380
ord3195
ord5489
ord1176
ord556
ord1443
ord744
ord384

msvcr71

__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_cexit
exit
__p___winitenv
_amsg_exit
__wgetmainargs
free
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__security_error_handler
_controlfp
_endthread
_except_handler3
memset
_beginthread
_initterm
wcslen
_wtoi
getenv
_wmkdir
_wgetenv
_localtime64
wcsftime
wprintf
__CxxFrameHandler
wcscpy
_wtol

msvcp71

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e544d9b5542eada7b7e5e36f539d7ad0

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

mfc71u

msvcr71

msvcp71

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 324B

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 324B

.rsrc
Size: 17KB - Virtual size: 17KB