9126bff81f344dc0dfda0455de65f60a275b5dd0d4b904dfbdfd4989eb661d1d

Sharing

Copy URL

Twitter E-mail

General

Target

9126bff81f344dc0dfda0455de65f60a275b5dd0d4b904dfbdfd4989eb661d1d
Size

856KB
MD5

a1b866a9f5d588e19ce40b538398c46c
SHA1

595d81b3c283b280e3a8dff5ddea78c3cb680967
SHA256

9126bff81f344dc0dfda0455de65f60a275b5dd0d4b904dfbdfd4989eb661d1d
SHA512

c6f7328a7991d0939006a1c2242e46675af39a69c8ec399ed08ff7177281700480419fa1751eadc7c460ef4d1e63afc5a91435d54b9e3b9766873b9e4b5d2d4c
SSDEEP

24576:S7DhwnboBRYbKNxIOw3yutUO3oRHCJIggQmR0e:Sfhwn8Bi4xELt3oRHC2QI0

Score

N/A

Malware Config

Signatures

Files

9126bff81f344dc0dfda0455de65f60a275b5dd0d4b904dfbdfd4989eb661d1d
.exe windows x86

705a9ec48005e4d245d3f897689d22a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICImageCompress
DrawDibStop
ICLocate
ICGetInfo
DrawDibGetPalette
ICClose
ICSeqCompressFrameEnd
DrawDibClose
MCIWndCreate
ICMThunk32
ICInstall
ICSendMessage
DrawDibGetBuffer
ICCompressorFree
VideoForWindowsVersion
ICDrawBegin
ICDraw
ICOpen
GetOpenFileNamePreview

kernel32

SetDefaultCommConfigA
LocalAlloc
CreateTapePartition
LoadLibraryA
SetComputerNameA
DeleteTimerQueueEx
GetNamedPipeInfo
GetConsoleCP
CreateJobSet
GetFileInformationByHandle
HeapLock
GetProcessTimes
FreeEnvironmentStringsW
SetComputerNameExA
SetConsoleTextAttribute
ConnectNamedPipe
LoadResource
GetTickCount
GetCommandLineA
EnumResourceLanguagesW
FindVolumeMountPointClose
VirtualAlloc
SetHandleContext
SuspendThread
RaiseException
UnmapViewOfFile
CreateWaitableTimerW
CreateSemaphoreW
QueryPerformanceCounter
GetPrivateProfileStringW
GetCurrentThread
SetConsoleOutputCP
GetDiskFreeSpaceExA
WriteConsoleW
WriteFile
ConvertDefaultLocale
ReadConsoleW
SetLastError
CloseHandle
GetStartupInfoA
SetCommBreak
SetConsoleNlsMode

certcli

CACertTypeGetSecurity
CAOIDSetProperty
CAGetCertTypeKeySpec
CAEnumCertTypesForCA
CAGetCASecurity
CAGetCAProperty
CADeleteCertType
CAFindByIssuerDN
CAFreeCertTypeProperty
CAOIDFreeProperty
CAInstallDefaultCertType
CAEnumCertTypesForCAEx
CACloseCertType
CAUpdateCA
CAOIDDelete
CAOIDFreeLdapURL
CAFindByName

pdh

PdhValidatePathA
PdhOpenQueryH
PdhOpenQuery
PdhGetDefaultPerfCounterW
PdhUpdateLogA
PdhGetDllVersion
PdhTranslate009CounterA
PdhValidatePathW
PdhVbGetCounterPathFromList
PdhGetRawCounterValue
PdhAddCounterW
PdhGetLogFileTypeW
PdhListLogFileHeaderW
PdhOpenQueryW
PdhGetLogFileTypeA

Sections

.text
Size: 732KB - Virtual size: 731KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

705a9ec48005e4d245d3f897689d22a7

Headers

DLL Characteristics

File Characteristics

Imports

msvfw32

kernel32

certcli

pdh

Sections

.text Size: 732KB - Virtual size: 731KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 4KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 732KB - Virtual size: 731KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 4KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB