0c3e0e323b1c89a2afda065dc33e5bf3674428d96879903f222bdef2fb5b5af5

Sharing

Copy URL

Twitter E-mail

General

Target

0c3e0e323b1c89a2afda065dc33e5bf3674428d96879903f222bdef2fb5b5af5
Size

558KB
MD5

683b12e8d52d7d9e4eeb461e69e72dea
SHA1

e22425e919e6f2774c690b95634b26cdb69eb8f3
SHA256

0c3e0e323b1c89a2afda065dc33e5bf3674428d96879903f222bdef2fb5b5af5
SHA512

7a1e1a66358e69ed50cfd354bd3e1c52d627d95c3c71bc5a385e1b0b028642c6702a81523f092f32096c56bb37d49c17f49225b5ea5a5da6c63bdc8233d63ecc
SSDEEP

12288:FgI9RjhTYicQLXz5O/BQr3oL7uYMJqMCWCKt:FgIV8QLX1CBQrYL7rMCWC

Score

N/A

Malware Config

Signatures

Files

0c3e0e323b1c89a2afda065dc33e5bf3674428d96879903f222bdef2fb5b5af5
.exe windows x86

760e8a470ad50170eb9dec948038fa14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

tree_peek_ndr
short_from_ndr_temp
long_from_ndr
float_from_ndr
UuidHash
RpcStringFreeA
RpcServerUseProtseqIfA
RpcNetworkInqProtseqsA
RpcMgmtSetCancelTimeout
RpcMgmtInqStats
RpcMgmtInqIfIds
RpcMgmtEpEltInqNextA
RpcBindingCopy
MesHandleFree
CStdStubBuffer_QueryInterface

kernel32

QueryPerformanceCounter
lstrcmpiA
VerLanguageNameW
VerLanguageNameA
SetTimeZoneInformation
SetLastError
ReleaseMutex
RegisterWaitForSingleObjectEx
QueryDosDeviceW
OpenFileMappingA
ChangeTimerQueueTimer
CreateHardLinkW
DeleteFileA
EnumResourceLanguagesA
ExitProcess
FindNextChangeNotification
FlushViewOfFile
FreeEnvironmentStringsA
GetCommandLineA
GetDevicePowerState
GetEnvironmentStringsW
GetFileSize
GetNamedPipeHandleStateA
GetPrivateProfileIntW
GetProcAddress
GetShortPathNameW
GetTapeParameters
GetTickCount
HeapAlloc
InterlockedExchange
LoadResource

version

VerQueryValueW
VerQueryValueA
VerInstallFileW
VerInstallFileA
VerFindFileW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoSizeA

crtdll

tanh
_exit
_finite
_hypot
_mktemp
_popen
_putenv
_strupr
_yn
clearerr
fscanf
iswlower

user32

GetFocus
LoadCursorA
LoadImageA
PostMessageA
SendMessageA
SetFocus
UpdateWindow
DestroyCaret

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock
ExpandEnvironmentStringsForUserW
FreeGPOListW
GetAppliedGPOListW
GetProfilesDirectoryW
LeaveCriticalPolicySection
RegisterGPNotification
UnregisterGPNotification
EnterCriticalPolicySection

ntdll

NtOpenMutant
NtSetEaFile
RtlSetSaclSecurityDescriptor
NtSetHighWaitLowEventPair
RtlSecondsSince1980ToTime
RtlNtStatusToDosError
RtlGetSaclSecurityDescriptor
RtlFindNextForwardRunClear
RtlFindClearBitsAndSet
RtlAreBitsClear
NtCreateIoCompletion

Exports

Exports

CytTHxriHl
NrPbkytfqF
Yivuo
awftv
isXuw
qbbbyuLzibyerjgi
sxukyqmvtqieBNelv
vplmuavs
wzaOmbfs
xlllqchpxchzxiwIc
yztTqXwgkWiikb

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 457KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

760e8a470ad50170eb9dec948038fa14

Headers

File Characteristics

Imports

rpcrt4

kernel32

version

crtdll

user32

userenv

ntdll

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 48KB

.data Size: 457KB - Virtual size: 459KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 48KB - Virtual size: 48KB

.data
Size: 457KB - Virtual size: 459KB

.rsrc
Size: 51KB - Virtual size: 51KB