fd7851cadc60a0470e10e38bcf7d3a1fac96e40b4dfc469012b8c154545c9f52

Sharing

Copy URL Twitter E-mail

General

Target

fd7851cadc60a0470e10e38bcf7d3a1fac96e40b4dfc469012b8c154545c9f52
Size

364KB
MD5

c8af14ac4588646618b8c4c8d882963a
SHA1

58ac9805950708f9f0fe5230bdd0d065a873cd07
SHA256

fd7851cadc60a0470e10e38bcf7d3a1fac96e40b4dfc469012b8c154545c9f52
SHA512

1d9d9cfd418513e99d1fe08e181f42aaf36a92daeafd5ac622f14c5762caa73ec3a7021469d4418c11f7c4d197b83e49ed887819be16d69139947e22792ec7fd
SSDEEP

6144:PbRPOGb3M2BZrtn45pxPjFVLiStH5r8if8K7E83VDZqa1LS8UZzLSSWKS53N9BVq:PbRPOAr49jHztnjli8AzLS5KK3HBjvrY

Score

N/A

Malware Config

Signatures

Files

fd7851cadc60a0470e10e38bcf7d3a1fac96e40b4dfc469012b8c154545c9f52
.exe windows x86

53fd71b36ba8983a12013c752121bfe1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

vssapi

ord6
?CreateVssBackupComponents@@YGJPAPAVIVssBackupComponents@@@Z

kernel32

GetModuleHandleA
GetLastError
GetVolumeNameForVolumeMountPointW
CloseHandle
WriteFile
CreateFileW
WideCharToMultiByte
GetVolumePathNamesForVolumeNameW
GetVolumePathNameW
GetFileAttributesW
GetTimeFormatW
GetDateFormatW
GetThreadLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
ReadFile
GetFileSize
GetCommandLineW
InterlockedExchange
GetACP
GetLocaleInfoA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
LocalFree
FormatMessageW
ExpandEnvironmentStringsW
GetLocaleInfoW
LoadLibraryA
GetOEMCP
SetEndOfFile
CreateFileA
IsBadCodePtr
IsBadReadPtr
MultiByteToWideChar
GetVersionExA
RtlUnwind
ExitProcess
GetCPInfo
HeapFree
IsValidCodePage
HeapAlloc
LCMapStringA
LCMapStringW
GetProcAddress
TerminateProcess
GetCurrentProcess
GetStringTypeA
GetStringTypeW
HeapReAlloc
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FlushFileBuffers
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
VirtualQuery
HeapSize
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
VirtualProtect
GetSystemInfo
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle

ole32

CoInitialize
CoUninitialize
CLSIDFromString
CoInitializeSecurity

oleaut32

SysAllocString
SysFreeString

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53fd71b36ba8983a12013c752121bfe1

Headers

File Characteristics

Imports

vssapi

kernel32

ole32

oleaut32

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 64KB - Virtual size: 61KB

.data Size: 8KB - Virtual size: 11KB

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 64KB - Virtual size: 61KB

.data
Size: 8KB - Virtual size: 11KB