cf23e914d1f70edb1b9fdcc995431c6310fa023565b3e96d1cf4dac84bc3dcd6

Sharing

Copy URL

Twitter E-mail

General

Target

cf23e914d1f70edb1b9fdcc995431c6310fa023565b3e96d1cf4dac84bc3dcd6
Size

223KB
MD5

6dfefdaaf5b50396d5d15b22144ba8b0
SHA1

a836af9b9d4c3313ca26ccfbaa07025279955301
SHA256

cf23e914d1f70edb1b9fdcc995431c6310fa023565b3e96d1cf4dac84bc3dcd6
SHA512

8f58c6ac39f1a284a5fe4321f6b7d867c64d2bcd1b38e0b337159899c258cbd726429e0e5d448ce01a4647b61e7ebae52cebb2001fb98b8e0df2be771fc1b05c
SSDEEP

3072:jp7kXNyzoU0AVKzyA6EfGo9dM+4cvZvI+NZq3zLG93CWkEH:jxCNa8AWfJ9UcvFI+NZ0LG93CoH

Score

N/A

Malware Config

Signatures

Files

cf23e914d1f70edb1b9fdcc995431c6310fa023565b3e96d1cf4dac84bc3dcd6
.exe windows x86

561f10905fac78af2dc7d3af66534389

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UpdateResourceW
SetProcessWorkingSetSize
GlobalCompact
SetFilePointerEx
GetTapeStatus
CreateTimerQueue
SetTapeParameters
DecodePointer
GetFileType
LocalCompact
ReleaseSemaphore
FreeUserPhysicalPages
EncodePointer
AssignProcessToJobObject
SetCommBreak
TlsGetValue
QueryInformationJobObject
TransmitCommChar
RemoveVectoredExceptionHandler
CreateFileMappingW
WTSGetActiveConsoleSessionId
GetProcessVersion
GetCommandLineA
GetCurrentThreadId
DefineDosDeviceW
GlobalUnfix
GetMailslotInfo
GetModuleFileNameA
SetLastError
SetStdHandle
GetFileInformationByHandle
PulseEvent
GetThreadIOPendingFlag
RtlCaptureStackBackTrace
IsProcessInJob
GetNamedPipeHandleStateW
DisableThreadLibraryCalls
SetProcessShutdownParameters
OpenProcess
SetCommState
EscapeCommFunction
GetWriteWatch
SetHandleCount
FreeResource
GetDevicePowerState
CreateTapePartition
DeleteAtom
LocalShrink
FlushViewOfFile
GetThreadPriority
PostQueuedCompletionStatus
DisconnectNamedPipe
MapUserPhysicalPagesScatter
GetFileSizeEx
GetNamedPipeInfo
GetProcessIoCounters
ResetEvent
RequestDeviceWakeup
FindFirstFileExW
SetProcessPriorityBoost
GetThreadContext
lstrcpynA
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
MultiByteToWideChar
ReadFile
WriteFile
MulDiv
lstrlenA
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GlobalFree
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsW
lstrcmpW
lstrcmpiW
lstrcmpA
RemoveDirectoryW
lstrcpyA
GetVersion
GetSystemDirectoryW
GetVersionExW
lstrcpyW
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcatW
GetTempFileNameW
lstrcmpiA
CreateProcessW
LoadLibraryW
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
lstrcpynW
lstrlenW
CloseHandle
SetErrorMode
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
ExitProcess
CopyFileW
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
CreateDirectoryW
GetLastError
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsSetValue
TlsFree
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
DeleteCriticalSection
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

561f10905fac78af2dc7d3af66534389

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 120KB - Virtual size: 148KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 120KB - Virtual size: 148KB