b9ff4a82e2542e5ee4ca7527c066f7e19047bc8020f4c333a311214af486bc6c

Sharing

Copy URL Twitter E-mail

General

Target

b9ff4a82e2542e5ee4ca7527c066f7e19047bc8020f4c333a311214af486bc6c
Size

172KB
MD5

62ae9fed3499b7872f19b03f2d22c340
SHA1

250b2698b77638b288ab2a22c429624dccb10a5a
SHA256

b9ff4a82e2542e5ee4ca7527c066f7e19047bc8020f4c333a311214af486bc6c
SHA512

aec21a5f6bd72f2cce3bccdd4a87870b14afaf80c89cc85b065ea0b0de973a57f34aca5ddf1a5fbe7e0c0022f08fbb7f66257a448e8ecfbea8d06332c3244b10
SSDEEP

3072:j0LdZggro+yXRezv7UdXUQWnBzC4Id4HN6SdRnQuA4gfBGV9YNoQY5fo0z889OHI:j0LdmgE4UinB21d4HN6SjnD7uAm09Z

Score

N/A

Malware Config

Signatures

Files

b9ff4a82e2542e5ee4ca7527c066f7e19047bc8020f4c333a311214af486bc6c
.exe windows x86

b96459f80fa54f8b703359d22e96a75c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
SizeofResource
CreateMutexW
IsBadWritePtr
WideCharToMultiByte
SetCommState
GetFullPathNameW
GlobalReAlloc
CallNamedPipeW
FindCloseChangeNotification
VirtualQuery
RemoveDirectoryA
IsBadReadPtr
GetModuleFileNameA
TlsGetValue
GetModuleHandleA
GlobalGetAtomNameW
GetTimeFormatA
lstrcatW
GlobalMemoryStatus
EnterCriticalSection
GetSystemDefaultUILanguage
CreateThread
GetPriorityClass
GlobalDeleteAtom
GlobalFindAtomW
FindFirstChangeNotificationW
SetThreadContext
GetCommModemStatus
UnhandledExceptionFilter
GetThreadContext
lstrcmpiW
GetCurrentThreadId
SetEndOfFile
EnumSystemLocalesA
IsBadStringPtrW
GetSystemWindowsDirectoryW
lstrcmpiA
GetTickCount
SetFileAttributesA
FindResourceW
CloseHandle
CompareStringW
OpenEventW
CopyFileW
ConnectNamedPipe
VirtualProtect
IsValidLanguageGroup
DisconnectNamedPipe
GlobalMemoryStatusEx
GetModuleFileNameW
GetFileInformationByHandle
lstrlenA
DeviceIoControl
WaitForSingleObject
FileTimeToLocalFileTime
GetVersionExW
GetComputerNameExW
FindResourceExW
SetMailslotInfo
CreateMutexA
GetWindowsDirectoryW
LockResource
SetEvent
OpenSemaphoreW
TerminateThread
MulDiv
GetBinaryTypeW
HeapCreate
RaiseException
ResumeThread
LoadLibraryA
CreateFileMappingW
HeapReAlloc
GetLongPathNameW
CancelIo
TlsFree
lstrcatA
DuplicateHandle
GetSystemInfo
SetLastError
SetFileApisToOEM
LocalUnlock
OpenFileMappingA
lstrcmpW
EnumResourceTypesA
GetTempFileNameA
LoadResource
GetSystemDirectoryW
GetShortPathNameA
FindNextFileW
GetTempFileNameW
GetSystemDefaultLangID
InitializeCriticalSection
WinExec
TryEnterCriticalSection
LCMapStringW
CreateSemaphoreA
GetFileAttributesW
SetTimerQueueTimer
GetThreadPriority
GetCompressedFileSizeW
MoveFileExA
GetAtomNameA
GetSystemWindowsDirectoryA
ReadFile
UnlockFile
ClearCommBreak
SetFilePointer
GetCommandLineA
CreateNamedPipeA
DeleteAtom
SetCommTimeouts
SetSystemTimeAdjustment

Exports

Exports

?AightDialog@@YGEUtext@@@Z
?GoodAimTFS@@YGEUtext@@@Z
?GoodLowmFire@@YGEUtext@@@Z
?MainPort@@YGEUtext@@@Z
?NineDialog@@YGEUtext@@@Z

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.okan
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.push3
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b96459f80fa54f8b703359d22e96a75c

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 37KB

.idata Size: 3KB - Virtual size: 2KB

.data Size: 32KB - Virtual size: 32KB

.okan Size: 16KB - Virtual size: 16KB

.push3 Size: 16KB - Virtual size: 15KB

.rsrc Size: 63KB - Virtual size: 63KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 37KB

.idata
Size: 3KB - Virtual size: 2KB

.data
Size: 32KB - Virtual size: 32KB

.okan
Size: 16KB - Virtual size: 16KB

.push3
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 63KB - Virtual size: 63KB

.reloc
Size: 2KB - Virtual size: 1KB