17ddf7ca4f48340836723777233d997f45530d355e83694e8d417a7b00eb1f1d

Sharing

Copy URL Twitter E-mail

General

Target

17ddf7ca4f48340836723777233d997f45530d355e83694e8d417a7b00eb1f1d
Size

148KB
MD5

464494fb0162f20ef9d85966058e5200
SHA1

be85994853b26f6b6283ac4e74c55486f56a1222
SHA256

17ddf7ca4f48340836723777233d997f45530d355e83694e8d417a7b00eb1f1d
SHA512

e67847cf98f9fb9c13958b875c022f223d452ca77064a363018da76f0ad106c81bb2e1b45cb182ec2a2e3d0e1d4406e79298a9633937aec8dc618234bc02e3ff
SSDEEP

3072:beT51TvS/shVYUVx/OjOgUZvdQaIp+mNQ0XIlTmLjyNJoJDTH4UgI:Se/shVYUVkjOgUVdQaQ+R0XIlX/opjU

Score

N/A

Malware Config

Signatures

Files

17ddf7ca4f48340836723777233d997f45530d355e83694e8d417a7b00eb1f1d
.exe windows x86

90ce9c227ceb3db0e7052f267207771a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr100

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_invoke_watson
_except_handler4_common
_crt_debugger_hook
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
vswprintf_s
memset
_recalloc
malloc
wcsstr
memcpy_s
_invalid_parameter_noinfo_noreturn
__CxxFrameHandler3
wcsncat_s
wcsrchr
memcpy
_wcsnicmp
_CxxThrowException
free
wcsncpy_s
wcscpy_s
wcscat_s

kernel32

LocalAlloc
LoadLibraryA
FlsFree
FlsGetValue
FlsAlloc
GetCommandLineW
CloseHandle
RaiseException
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
DeleteCriticalSection
SetEvent
WaitForSingleObject
CreateEventW
Sleep
CreateThread
GetCurrentThreadId
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
lstrlenW
FreeLibrary
LoadLibraryExW
LoadResource
SizeofResource
lstrcmpiW
FindResourceW
MultiByteToWideChar
QueryPerformanceCounter
GetProcessHeap
HeapSetInformation
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
VirtualProtect
WerRegisterMemoryBlock
HeapAlloc
HeapFree
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoW
EncodePointer
DecodePointer
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleExW
TlsAlloc
GetCurrentProcess

advapi32

RegQueryValueExW
RegisterEventSourceW
DeregisterEventSource
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegGetValueW
ReportEventW
OpenProcessToken
GetSidSubAuthority
GetTokenInformation
RegEnumValueW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
StringFromGUID2
CoInitializeSecurity
CoReleaseServerProcess
CoAddRefServerProcess
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CoUninitialize
CoTaskMemRealloc

oleaut32

VarUI4FromStr
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SysStringLen
SysFreeString
SysAllocString

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90ce9c227ceb3db0e7052f267207771a

Headers

DLL Characteristics

File Characteristics

Imports

msvcr100

kernel32

advapi32

ole32

oleaut32

Sections

.text Size: 54KB - Virtual size: 54KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 75KB - Virtual size: 76KB

.text
Size: 54KB - Virtual size: 54KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 75KB - Virtual size: 76KB