111c4295eaa4bd95a0810479f84446fe0bc719f729ea129c11eb604a476cc0ac

Sharing

Copy URL Twitter E-mail

General

Target

111c4295eaa4bd95a0810479f84446fe0bc719f729ea129c11eb604a476cc0ac
Size

560KB
MD5

69d1cf5a749001ee756691e0bdada008
SHA1

b8a2e1cac972e4a21b4dd7a96af685f9e5bf7eed
SHA256

111c4295eaa4bd95a0810479f84446fe0bc719f729ea129c11eb604a476cc0ac
SHA512

bf9820a138eb5741291248df53aa9d6837f0dd71f55a35d2cbd6975a8e252ab914e5052fcc1e4db9c90aa672d5ca996e5ae7b732b4dd21bb88c663d7e5852604
SSDEEP

12288:CaZ12beUX3P5+UuXEPx5h/dTWmK2W+QDaKjRjhonfTdV4I71tGqFrDoF8xe8WsTM:jZ1xUX3xEq5pdTWmKLtD6e8pFRFPKoWJ

Score

N/A

Malware Config

Signatures

Files

111c4295eaa4bd95a0810479f84446fe0bc719f729ea129c11eb604a476cc0ac
.exe windows x86

dd448f3c64ab698fb9f1a1dad855c081

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oracore10

lstclo
sldxgd
slzgetevar

oranmemso

nmedcs_Response_getResponse
nmedcs_Response_getResponseType
nmedcs_Response_delete
nmedcsrf_RefreshRes_getErrors
nmeuv_Vector_size
nmeuv_Vector_elementAt
nmedcfe_getErrorMsg
nmedcru_getElementDef
nmedcso_getOperationError
nmedcoe_getErrorMsg
nmeufile_new
nmeufile_isExist
nmeufile_delete
nmecs_initializeStateFiles
nmecs_removePhysicalStateFiles
nmeuv_Vector_deleteAll
nmedcrds_getElementDef
nmeud_getCurrentTimeInString
nmedcrds_newWithValues
nmedcrrd_getElementDef
nmeuv_Vector_isEmpty
nmedcrrd_newWithTgts
nmedt_Target_releaseObject
nmeuv_Vector_new
nme_allocncpy0
nme_allocpy0
nmedt_Target_newTypeName
nmeuv_Vector_addElement
nmebmgr_init
nmebb_Blackout_getSchedules
nmeusb_StringBuffer_appendStr
nmess_getDuration
nmeusb_StringBuffer_appendChar
nmess_getStartDate
nmess_getStartTime
nmesds_durationsched_getLength
nmesds_durationsched_getTimeUnits
nmeusb_StringBuffer_appendInt
nmess_getEndDate
nmess_getEndTime
nmess_isExpired
nmebt_getName
nmebt_getType
nmebb_Blackout_getName
nmebb_Blackout_getTargets
nmebb_isNodeLevel
nmeetm_targetExistsWithNameAndType
nmebt_Target_newNameType
nmebtd_Target_delete
nmeusb_StringBuffer_new
nmebmgr_getBlackoutGUIDs
nmebmgr_getBlackout
nmeusb_StringBuffer_reset
nmeusb_StringBuffer_getBuffer
nmedcrr_getElementDef
nme_freecb
nmeusb_StringBuffer_delete
nmebmgr_getBlackoutByName
nmebb_isConsoleCreated
nmess_setEndDateTime
nmebmgr_setBlackout
nme_appendStr0
nmebb_Blackout_newCLI
nmeetm_getAllTargets
nmebb_setNodeLevel
nmess_schedule_newDuration
nmebb_Blackout_addSchedule
nmedt_Target_getName
nmedt_Target_getType
nmeetm_findHostTarget
nmebb_Blackout_addTarget
nmedt_Target_getMetadata
nmedmtm_getMonitoringModes
nmeulx_get_OS_LangID
nmeulx_get_UTF8_LangID
nmeulx_Convert_CharsetID
nmedt_Target_getProperties
nmee_MetricEngine_getMetadata
nmedt_Properties_Iterator
nmeuiter_Iterator_hasNext
nmeuiter_Iterator_next
nmedtp_Property_getName
nmedmtm_getInstancePropertyWithProperties
nmedmip_is_credential
nmedmip_hide_entry
nmedmip_check_original
nmedtp_Property_getValue
nmedmip_need_reenter
nmedtp_Property_setValue
nmeuiter_Iterator_delete
nmeetm_saveToFile
nmee_MetricEngine_init
nmeetm_init
nmeustat_initStatus
nmeustat_setStatus
nme_alloc0
nmttp_runTask
nmedcr_Request_new
nmedcr_Request_addSubElement
nmehl_write
nmexml_PrintWriter_new
nmedcr_Request_printXml
nmexml_PrintWriter_flush
nmedcs_getElementDef
nmex_parseObject
nmedcr_Request_delete
nmexml_PrintWriter_delete
snmeuexp_dump
nmeuhlu_parseURL
nme_free0
nmehl_destroyRequest
nmehl_readBody
nmehl_readRequestResponse
nmehl_closeRequest
nme_info
nmeud_getTZDeltaForRegion
nmeud_diffTZ
nmehl_getStatusReqForArg
nme_error
nme_debug
nmexpool_ParserPool_init
nmehlclt_initializeHttpClient
nmttp_initialize
nmeuvr_checkAgentCompatibleVer
nmeuemdp_EMDProperty_getValue
nmeuemdp_EMDProperty_init
nmeulctx_setLevel
nmeulm_getLogCtx
nmecat_initialize
nme_destroy
nmeudir_setup_dir
nme_initialize
nmeudir_getAgentStateDir
nmeudir_getEmdRoot
nmehl_getStatusArgForReq
nmehl_sendRequest
nmehl_connect
nme_realloc0
nmebb_Blackout_delete

orauts

GetModuleHandleA
GetCurrentThreadId
Sleep

kernel32

SetUnhandledExceptionFilter

msvcr71

fprintf
_iob
_read
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
__p___initenv
_cexit
_XcptFilter
_exit
_c_exit
memset
exit
isdigit
strchr
strrchr
setbuf
atoi
_write

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 508KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd448f3c64ab698fb9f1a1dad855c081

Headers

File Characteristics

Imports

oracore10

oranmemso

orauts

kernel32

msvcr71

Sections

.text Size: 16KB - Virtual size: 15KB

.text1 Size: 4KB - Virtual size: 1KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 760B

.vmp0 Size: 508KB - Virtual size: 1.6MB

.text
Size: 16KB - Virtual size: 15KB

.text1
Size: 4KB - Virtual size: 1KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 760B

.vmp0
Size: 508KB - Virtual size: 1.6MB