9b4280f42b384de9889795b35a993894e265a6ec4dc7e246dac86efc9ae102db

Sharing

Copy URL Twitter E-mail

General

Target

9b4280f42b384de9889795b35a993894e265a6ec4dc7e246dac86efc9ae102db
Size

169KB
MD5

01e1a9f7d803350f09d350095a7e283e
SHA1

833a1c9a841fc4cd53eb5b6db55cd4683ec3750e
SHA256

9b4280f42b384de9889795b35a993894e265a6ec4dc7e246dac86efc9ae102db
SHA512

2745f30ba3ef54d593caa9dfc5253ecbe87503d2706d1b1dc5f15898db9fb9555309fd2a56927fad5dacb27ea2e1d89be1c0c92b5514479adce337923c29aabd
SSDEEP

3072:nx8DZ5jZlTbRGc4xxmnwTFTnK48dUxV5CKj6Q8gTvEOWeA8jgJ6w4eRxnqu0bA+S:nxwjrTbUvcnwTFTKtgLCK2BgTvEOWeAa

Score

N/A

Malware Config

Signatures

Files

9b4280f42b384de9889795b35a993894e265a6ec4dc7e246dac86efc9ae102db
.exe windows x86

f0c2611ef82716072c0b661374e4ff87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameW

rpcrt4

NdrpCreateProxy

msvcrt

wcscmp
strcmp

kernel32

FileTimeToLocalFileTime
CreateEventA
HeapCreate
GetCommProperties
GlobalHandle
GetUserDefaultLangID
CreateSemaphoreA
CreateSemaphoreW
SearchPathA
lstrcpyA
SetNamedPipeHandleState
OpenFileMappingW
GetCPInfo
IsDBCSLeadByteEx
DeleteFileA
SetupComm
TlsSetValue
FindFirstFileW
GetTimeFormatA
FlushViewOfFile
SetUnhandledExceptionFilter
LocalUnlock
SetLastError
GetLastError
GetFileType
CreateFileW
GlobalFlags
WaitForSingleObjectEx
WaitCommEvent
ResetEvent
EnterCriticalSection
DeleteCriticalSection
DefineDosDeviceW

Exports

Exports

IsComponentOriginal

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.On59
Size: 1024B - Virtual size: 966B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Zek
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Eh0887
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Nus
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Re82
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Cru
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Lax503
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Tup
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0c2611ef82716072c0b661374e4ff87

Headers

DLL Characteristics

File Characteristics

Imports

psapi

rpcrt4

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 134KB - Virtual size: 133KB

.On59 Size: 1024B - Virtual size: 966B

.Zek Size: 512B - Virtual size: 4KB

.Eh0887 Size: 512B - Virtual size: 28B

.Nus Size: 512B - Virtual size: 145B

.Re82 Size: 1KB - Virtual size: 1KB

.Cru Size: 512B - Virtual size: 128B

.Lax503 Size: 512B - Virtual size: 330B

.Tup Size: 22KB - Virtual size: 21KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 134KB - Virtual size: 133KB

.On59
Size: 1024B - Virtual size: 966B

.Zek
Size: 512B - Virtual size: 4KB

.Eh0887
Size: 512B - Virtual size: 28B

.Nus
Size: 512B - Virtual size: 145B

.Re82
Size: 1KB - Virtual size: 1KB

.Cru
Size: 512B - Virtual size: 128B

.Lax503
Size: 512B - Virtual size: 330B

.Tup
Size: 22KB - Virtual size: 21KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 5KB - Virtual size: 4KB