cd0a3af948b1a47a53e97ba76873520e1ca2b49c2be0ba044d7a46328a03e54e

Sharing

Copy URL Twitter E-mail

General

Target

cd0a3af948b1a47a53e97ba76873520e1ca2b49c2be0ba044d7a46328a03e54e
Size

1.2MB
MD5

36b3be82b2a7987bddb454a231a3ca15
SHA1

992907981ec0afecbd0f945a0914076d8fce7926
SHA256

cd0a3af948b1a47a53e97ba76873520e1ca2b49c2be0ba044d7a46328a03e54e
SHA512

bb7e2168f166b5383cb247e045d38e542ae0bc34174c07ebbb22317bca167ff6bbf42fbc5cb27d6d81ff0e46a63f3e8c99d368027369a5004fa7fc012c648889
SSDEEP

24576:FqliBUSN29FAGzYksQMowlpVnJyxfNeQoYk9Ihj:BUSN29FAGzYk3MVlpjUoYO+

Score

N/A

Malware Config

Signatures

Files

cd0a3af948b1a47a53e97ba76873520e1ca2b49c2be0ba044d7a46328a03e54e
.dll windows x86

5da1c573abb0414daf2a8515312a1f06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA
RpcStringFreeA
UuidFromStringA
UuidCreate

kernel32

SetLastError
GetTimeFormatA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetModuleFileNameA
VirtualQuery
HeapAlloc
GetProcessHeap
SetEnvironmentVariableA
CompareStringW
CompareStringA
CloseHandle
FlushFileBuffers
GetLocaleInfoW
SetStdHandle
ReadFile
GetTimeZoneInformation
SetConsoleCtrlHandler
IsBadCodePtr
IsBadWritePtr
SetFilePointer
GetSystemInfo
VirtualAlloc
VirtualProtect
SetUnhandledExceptionFilter
GetOEMCP
GetACP
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetModuleHandleA
LoadLibraryA
FreeLibrary
ExitProcess
IsBadReadPtr
GetCurrentThreadId
GetCommandLineA
GetVersionExA
RtlUnwind
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
TlsAlloc
InterlockedExchange
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
RaiseException
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
LCMapStringA
LCMapStringW
GetDateFormatA

user32

EmptyClipboard
OpenClipboard
GetDesktopWindow
SetClipboardData
GetClipboardData
CloseClipboard

parsifal

ord4
ord23
ord3
ord2
ord1

tier0

?ExitScope@CVProfile@@QAEXXZ
g_pMemAlloc
Error
Warning
?EnterScope@CVProfile@@QAEXPBDH0_NH@Z
_AssertValidReadPtr
Msg
GetCPUInformation
AssertValidStringPtr
_AssertValidWritePtr
g_VProfCurrentProfile
DevMsg
?DevMsg@@YAXPBDZZ
?UnlockRead@CThreadSpinRWLock@@QAEXXZ
?LockForRead@CThreadSpinRWLock@@QAEXXZ
??0CThreadSpinRWLock@@QAE@XZ
?UnlockWrite@CThreadSpinRWLock@@QAEXXZ
?LockForWrite@CThreadSpinRWLock@@QAEXXZ
CommandLine_Tier0

vstdlib

GetCVarIF
KeyValuesSystem

Exports

Exports

CreateInterface

Sections

.text
Size: 756KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5da1c573abb0414daf2a8515312a1f06

Headers

File Characteristics

Imports

rpcrt4

kernel32

user32

parsifal

tier0

vstdlib

Exports

Exports

Sections

.text Size: 756KB - Virtual size: 752KB

.rdata Size: 120KB - Virtual size: 117KB

.data Size: 72KB - Virtual size: 135KB

.reloc Size: 64KB - Virtual size: 63KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 756KB - Virtual size: 752KB

.rdata
Size: 120KB - Virtual size: 117KB

.data
Size: 72KB - Virtual size: 135KB

.reloc
Size: 64KB - Virtual size: 63KB

.text
Size: 196KB - Virtual size: 196KB