feed808ab92ce90b7d6bdfd11f391857759c8d3cdc23261b1398c732fb1dff21

Sharing

Copy URL Twitter E-mail

General

Target

feed808ab92ce90b7d6bdfd11f391857759c8d3cdc23261b1398c732fb1dff21
Size

213KB
MD5

00384980bd600651413972f66c8ea2e0
SHA1

4dd9d7827752ddb800cc2ff343f1be53e150ac03
SHA256

feed808ab92ce90b7d6bdfd11f391857759c8d3cdc23261b1398c732fb1dff21
SHA512

8ac307d6e40df9e8a9c5ee359330dabf4f1f97f1de30565f0e08a2aa386fb22b29bf2afe9f7d153bfbcd21d0883f1a1c26e3fb2ba1c97031639c81bad8458a61
SSDEEP

3072:wy/uBInB459pLHDJSuz4ZTIf7Fd4XIYHvN+0FDBeLSDADeak7dJHB/Am:wy/q59hVSnZcfD44YV+WDBcSsQLH5Am

Score

N/A

Malware Config

Signatures

Files

feed808ab92ce90b7d6bdfd11f391857759c8d3cdc23261b1398c732fb1dff21
.exe windows x86

db3b25ffd15b1f84e24be8954ad248fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

tier0

Warning
Msg
Plat_IsInDebugSession
WriteMiniDump
SpewActivate
CommandLine_Tier0
SpewOutputFunc
g_pMemAlloc
?DevMsg@@YAXPBDZZ
ThreadWaitForObjects
ReleaseThreadHandle
CreateSimpleThread
GetThreadedLoadLibraryFunc
?DevWarning@@YAXPBDZZ
?UnlockRead@CThreadSpinRWLock@@QAEXXZ
?LockForRead@CThreadSpinRWLock@@QAEXXZ
??0CThreadSpinRWLock@@QAE@XZ
?UnlockWrite@CThreadSpinRWLock@@QAEXXZ
?LockForWrite@CThreadSpinRWLock@@QAEXXZ
Error

vstdlib

KeyValuesSystem
VStdLib_GetICVarFactory

kernel32

SetConsoleMode
ReadConsoleInputA
CreateFileW
WriteConsoleW
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CompareStringW
GetStdHandle
TerminateProcess
GetCurrentProcess
LeaveCriticalSection
OutputDebugStringA
EnterCriticalSection
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
VirtualQuery
HeapAlloc
GetProcessHeap
GetCommandLineA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetProcAddress
LoadLibraryExA
FreeLibrary
GetLastError
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileExA
GetDriveTypeW
GetFullPathNameA
CreateDirectoryA
FindNextFileA
GetFileAttributesA
DeleteFileA
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSetInformation
GetSystemTimeAsFileTime
SetEnvironmentVariableA
IsProcessorFeaturePresent
CloseHandle
GetFileType
CreateFileA
GetCurrentDirectoryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetHandleCount
GetStartupInfoW
SetEnvironmentVariableW
ReadFile
SetFilePointer
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
WriteFile
GetModuleFileNameW
LoadLibraryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringW
GetStringTypeW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetEndOfFile
HeapFree
GetTimeZoneInformation
FlushFileBuffers

Exports

Exports

CreateInterface
cvar

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db3b25ffd15b1f84e24be8954ad248fe

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

tier0

vstdlib

kernel32

Exports

Exports

Sections

.text Size: 127KB - Virtual size: 126KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 392KB

.rsrc Size: 1024B - Virtual size: 708B

.reloc Size: 52KB - Virtual size: 52KB

.text
Size: 127KB - Virtual size: 126KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 392KB

.rsrc
Size: 1024B - Virtual size: 708B

.reloc
Size: 52KB - Virtual size: 52KB