Data6393[.]iso

Sharing

Copy URL Twitter E-mail

General

Target

Data6393.iso
Size

492KB
MD5

3f142092adf2984e690d58d6caf7d620
SHA1

b2270e20342b9870956cc6e7eae9c4e728ed2af5
SHA256

02472ea2b007034f6c61c96a1ef900261d0ceac60a828096df917d14036f848a
SHA512

f0f49225c501678e7b246663a471733bd53be8507a807c7d050a4fd34130fd5f5e74f9f8c00d5b5906ee1943fcc9fff1babc4b15ab5e909b0a0619b1abe49dab
SSDEEP

6144:YCiSz8ZFZG2MEnD4vrWEBvljmcmUv9n2dDSH+S2TkZiGBoGGhNE:YZS4HMmQWEBvlaUqSH+NCiSoG

Score

N/A

Malware Config

Signatures

Files

Data6393.iso
.iso
IData.lnk
.lnk
obediences/announces.png
.png
obediences/beauty.cmd
.cmd .vbs
obediences/meaningless.dat
.dll regsvr32 windows x86

9323af2c03365d66a39358fdad42f240

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
FileTimeToLocalFileTime
FindFirstFileA
FindFirstFileW
GetDriveTypeA
GetDriveTypeW
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetFullPathNameA
GetLogicalDriveStringsW
SetFileAttributesW
SetUnhandledExceptionFilter
SetErrorMode
SetNamedPipeHandleState
QueryPerformanceCounter
QueryPerformanceFrequency
DeviceIoControl
LeaveCriticalSection
ReleaseSemaphore
ReleaseMutex
OpenMutexW
OpenSemaphoreW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsFree
GetThreadContext
FlushInstructionCache
GetSystemInfo
GetLocalTime
GetVersion
GetSystemDirectoryA
GetSystemDirectoryW
GetWindowsDirectoryA
GetWindowsDirectoryW
VirtualProtect
ReadProcessMemory
CreateFileMappingW
FindResourceExW
GetModuleFileNameA
GetModuleHandleW
LoadResource
FindResourceW
LoadLibraryA
LoadLibraryW
GlobalAlloc
LocalAlloc
SetHandleCount
MulDiv
lstrcmpA
lstrcmpiA
lstrlenA
lstrlenW
CreateFileMappingA
GlobalAddAtomW
GetPrivateProfileIntW
WritePrivateProfileStringW
MoveFileW
WaitNamedPipeA
IsBadWritePtr
GetComputerNameW
CompareFileTime
GetConsoleCP
GetConsoleOutputCP
ReadConsoleInputA
ReadConsoleW
WriteConsoleA
WriteConsoleW
SetConsoleCtrlHandler
FlushConsoleInputBuffer
SetFilePointerEx
GetConsoleMode
WriteFile
FlushFileBuffers
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
DecodePointer
MoveFileExW
CloseHandle
LCMapStringW
MultiByteToWideChar
HeapAlloc
HeapFree
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsSetValue
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
EncodePointer
SetLastError
GetLastError
InterlockedFlushSList
RtlUnwind
RaiseException
TerminateProcess
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
SetCurrentDirectoryW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
SetEnvironmentVariableW
GetStdHandle
SetStdHandle
VirtualAlloc
GetTickCount
CreateThread
ExitThread
WaitForSingleObject
DebugBreak
SystemTimeToFileTime
GetModuleHandleA
IsProcessorFeaturePresent

user32

SetForegroundWindow
SendMessageA
DialogBoxParamA
EndDialog
SystemParametersInfoW
CreateIconIndirect
LoadIconW
SetWindowsHookExW
GetWindow
GetWindowThreadProcessId
FindWindowW
SetParent
GetDesktopWindow
EqualRect
GetSysColor
MapWindowPoints
ScreenToClient
CreateCaret
GetCursorPos
MessageBeep
MessageBoxW
MessageBoxA
AdjustWindowRectEx
AdjustWindowRect
RedrawWindow
ValidateRect
GetDCEx
GetDC
GetKeyState
SetActiveWindow
GetMenuItemID
CreatePopupMenu
LoadMenuW
GetSystemMetrics
SetCapture
GetAsyncKeyState
GetFocus
GetActiveWindow
CharUpperW
IsClipboardFormatAvailable
EnumClipboardFormats
CountClipboardFormats
RegisterClipboardFormatW
GetClipboardData
SetClipboardData
OpenClipboard
BringWindowToTop
DeferWindowPos
BeginDeferWindowPos
FlashWindow
UnregisterClassW
GetDoubleClickTime
InSendMessage
AttachThreadInput
SendMessageTimeoutW
GetMessageTime
RegisterWindowMessageW
GetProcessWindowStation
GetThreadDesktop

gdi32

GetObjectType
CreatePalette
CreateDCW
CreateBitmap
GetStockObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW
PrintDlgW

advapi32

RegNotifyChangeKeyValue
RegCloseKey
DeleteService

ole32

CoCreateGuid
OleInitialize
CoInitializeEx

shlwapi

ord155
PathFindOnPathA
PathFindExtensionA
PathFileExistsA

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
obediences/portraiture.txt

Sharing

General

Malware Config

Signatures

Files

9323af2c03365d66a39358fdad42f240

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 86KB - Virtual size: 86KB

.data Size: 186KB - Virtual size: 186KB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 86KB - Virtual size: 86KB

.data
Size: 186KB - Virtual size: 186KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 6KB - Virtual size: 5KB