cef167e0e3c1c2b28f9ce2d7672ded515efb7fc23adac2fa15a1238bb48bfbde

Sharing

Copy URL Twitter E-mail

General

Target

cef167e0e3c1c2b28f9ce2d7672ded515efb7fc23adac2fa15a1238bb48bfbde
Size

810KB
MD5

00e1a02a32d9d880555f4a4b9c90881c
SHA1

27c439fada3f8af3fc0c9058d2e294026a0cbe99
SHA256

cef167e0e3c1c2b28f9ce2d7672ded515efb7fc23adac2fa15a1238bb48bfbde
SHA512

90fbb7c6836e1724a94651bb54f26af7346e6dfdf925ef23e8c1bfdc6a48a148d0a6bda54422fd6c24920bc8973aec676476869b3367023b6459ec30d36049b1
SSDEEP

24576:8y4Zsxmdtf2OL24bR14rlkk/MP0LrBNOLq4:8jptj1B1GNOu4

Score

N/A

Malware Config

Signatures

Files

cef167e0e3c1c2b28f9ce2d7672ded515efb7fc23adac2fa15a1238bb48bfbde
.exe windows x86

1a85686ee2368853729c630791b49fca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsxfrm
_ismbbkalnum
_exit
_wtmpnam
_unloaddll
_longjmpex
_dstbias
_getwche
vsprintf
_inp
putwchar
_mbscspn
perror
_putwch
__p__winver
_mbclen
clock
_ismbcsymbol
_mbctohira
_mbsnbicmp
wcschr
_CIexp
_mbsnbcmp
_ctime64
_wenviron
_mbsncpy
_ismbclegal
_jn
localtime
atoi
wcsncpy
_wrename
_wmktemp
??3@YAXPAX@Z

kernel32

GetEnvironmentVariableW
GlobalAlloc
EnumSystemLocalesA
ResumeThread
GetNumaAvailableMemoryNode
GetCPInfoExW
SetUserGeoID
GetProcAddress
SetFileApisToANSI
WaitNamedPipeW
CreateMutexA
InterlockedExchangeAdd
GetDefaultCommConfigW
lstrcpynW
QueryPerformanceCounter
InterlockedExchange
GetVolumeNameForVolumeMountPointW
CopyLZFile
GetConsoleCursorMode
VerLanguageNameA
RtlZeroMemory
GetProfileIntW
GetFirmwareEnvironmentVariableW
GetNumberOfConsoleFonts
GetModuleHandleW
InterlockedDecrement
GetStartupInfoA
VirtualAlloc
LoadResource
AttachConsole
GetVersion
LoadLibraryA
Thread32Next
GetGeoInfoW
OpenWaitableTimerA
DosDateTimeToFileTime
GetFileSizeEx
SetEnvironmentVariableW

crtdll

_unloaddll
_ismbblead
perror
_tell
gmtime
_fsopen
_dup
wcspbrk
_ismbckata
_lsearch
_mbsbtype
wcstombs
_eof
_stat
_ismbcprint
fflush
_futime
_ismbcsymbol
isalnum
_CItan
_winmajor_dll
_fputwchar
_statusfp
_mbschr
_strerror
_ltow
_winver_dll
_mbsnbcat
_j0
_cscanf

ntdll

RtlHashUnicodeString
ZwOpenIoCompletion
RtlAddAuditAccessAceEx
RtlCompactHeap
RtlGetOwnerSecurityDescriptor
RtlIpv4AddressToStringA
ZwQueryDirectoryObject
ZwSetSecurityObject
RtlApplyRXactNoFlush
ZwLoadDriver
wcscpy
NtGetContextThread
NtQueryQuotaInformationFile
RtlReleaseResource
RtlInitAnsiString
KiUserExceptionDispatcher
CsrAllocateCaptureBuffer
ZwSetDefaultUILanguage
RtlUnicodeToMultiByteN
ZwDebugActiveProcess
RtlxUnicodeStringToAnsiSize
NtCreateSemaphore
RtlInitString
ZwSetUuidSeed
RtlFillMemoryUlong
RtlIntegerToUnicodeString
NtDebugActiveProcess
ZwSetIntervalProfile
RtlNumberGenericTableElements
RtlLargeIntegerSubtract
RtlLeaveCriticalSection

olecli32

OleRevertClientDoc
GenRelease
LeEnumFormat
ErrSetData
DibEnumFormat
DibCopy
BmEqual
OleQueryProtocol
OleCreateLinkFromClip
MfClone
OleObjectConvert
OleEnumFormats
MfCallbackFunc
GenCopy
PbCreate
OleSetBounds
OleQueryClientVersion
OleRename
DefCreateInvisible
OleUnlockServer
ObjQueryName
OleQueryBounds
PbEnumFormats
OleClone
BmCopy
ErrCopyFromLink
OleGetLinkUpdateOptions

drprov

NPGetResourceInformation
NPCancelConnection
NPAddConnection
NPGetCaps
NPCloseEnum
NPGetUniversalName
NPGetConnection
NPAddConnection3
NPEnumResource
NPGetResourceParent
NPOpenEnum

shell32

SHGetMalloc

user32

EndDialog
MessageBoxW

Sections

.text
Size: 361KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a85686ee2368853729c630791b49fca

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

crtdll

ntdll

olecli32

drprov

shell32

user32

Sections

.text Size: 361KB - Virtual size: 360KB

.rdata Size: 120KB - Virtual size: 120KB

.data Size: 192KB - Virtual size: 1.6MB

.rsrc Size: 133KB - Virtual size: 133KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 361KB - Virtual size: 360KB

.rdata
Size: 120KB - Virtual size: 120KB

.data
Size: 192KB - Virtual size: 1.6MB

.rsrc
Size: 133KB - Virtual size: 133KB

.reloc
Size: 1KB - Virtual size: 1KB