677b40208a88436bf54d1eb40b13b1ee2075d7bb2ea61f69cb2b178d27458676

Sharing

Copy URL Twitter E-mail

General

Target

677b40208a88436bf54d1eb40b13b1ee2075d7bb2ea61f69cb2b178d27458676
Size

30KB
MD5

537968ca18f3a03648d4e0da44b93d10
SHA1

01038ff3a8a92ca406e82b3c0d913c5815500888
SHA256

677b40208a88436bf54d1eb40b13b1ee2075d7bb2ea61f69cb2b178d27458676
SHA512

04587b7e62f98f85933f6f8fe1dde667bbbe054fd3cdc6f65bfdd6c08dec730a6d777a1dc36f48bd1fd66903e13fc74e7f6a7a6ff7dda1013f070d5c379c713d
SSDEEP

768:T29RLwsIx0a6qpVVZ8G1+2FfrpVsMSUiQ44myRiXT97OEE4C7ivRE:a4Nx1tb1DXsTJQ44hRiXtOEgiZ

Score

N/A

Malware Config

Signatures

Files

677b40208a88436bf54d1eb40b13b1ee2075d7bb2ea61f69cb2b178d27458676
.exe windows x86

bf30e53558cb09ed94da81e5d7abfa08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

ImageRvaToVa
ImageDirectoryEntryToData

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
WaitForSingleObject
CreateRemoteThread
VirtualAllocEx
VirtualFreeEx
WriteProcessMemory
CreateFileA
GetFileAttributesA
GetFileSize
ReadFile
GetCompressedFileSizeA
CloseHandle
GetCurrentProcess
GetProcessId
VirtualAlloc
VirtualProtectEx
ReadProcessMemory
GetProcAddress
LoadLibraryA
CreateToolhelp32Snapshot
Module32First
Module32Next
Sleep
GetExitCodeProcess
OpenProcess
Process32First
Process32Next
QueryPerformanceCounter
IsProcessorFeaturePresent
DecodePointer
IsDebuggerPresent
EncodePointer

user32

MessageBoxA

msvcp120

?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

msvcr120

memmove
??_V@YAXPAX@Z
_CxxThrowException
__CxxFrameHandler3
memcpy
memset
_stricmp
mbstowcs_s
wcstombs_s
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_XcptFilter
??3@YAXPAX@Z
__getmainargs
__set_app_type
exit
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
__initenv
_fmode
_commode
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
_purecall
_amsg_exit
??2@YAPAXI@Z

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.out0
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf30e53558cb09ed94da81e5d7abfa08

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

kernel32

user32

msvcp120

msvcr120

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.out0 Size: 13KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.out0
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 480B