c86d875afb1264f0611ab8a0c01599f7242f7ae9bbf822aad83a1dde9e4eb36d

Sharing

Copy URL Twitter E-mail

General

Target

c86d875afb1264f0611ab8a0c01599f7242f7ae9bbf822aad83a1dde9e4eb36d
Size

49KB
MD5

816c0c1b50136dacc522df5ff2ff4325
SHA1

c17c5460431aa5fc266d48b830cb0e1c968812e2
SHA256

c86d875afb1264f0611ab8a0c01599f7242f7ae9bbf822aad83a1dde9e4eb36d
SHA512

2051bc0694df2b3728185cb2a0eafbdefa5d462cd0b4bdabface45ff7a89ebe8d60462c088957e0272ace9b2bfa9b3f036012f0c381f33afa4d89d2b19c6196d
SSDEEP

768:6EfpMmK97nxtqkF/2pLQXvLeoVXqDuDFsufUZSEBV306eDwzNt3eoXACamU6E:6EpKNX/kQ/LeCaD+FeSG06XPeoXcmE

Score

N/A

Malware Config

Signatures

Files

c86d875afb1264f0611ab8a0c01599f7242f7ae9bbf822aad83a1dde9e4eb36d
.exe windows x86

8ab66913b5421a81bd21186d747864bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mmcbase

?Throw@SC@mmcerror@@QAEXXZ
??1CEventBuffer@@QAE@XZ
??0?$CEventLock@UAppEvents@@@@QAE@XZ
?SetHWnd@SC@mmcerror@@SGXPAUHWND__@@@Z
?FromWin32@SC@mmcerror@@QAEAAV12@J@Z
?SCODEFromSc@@YGJABVSC@mmcerror@@@Z
??BSC@mmcerror@@QBE_NXZ
??9SC@mmcerror@@QBE_NJ@Z
??9SC@mmcerror@@QBE_NABV01@@Z
?GetHelpFile@SC@mmcerror@@SGPBGXZ
??4CMMCStrongReferences@@QAEAAV0@ABV0@@Z
??0SC@mmcerror@@QAE@J@Z
?MMCErrorBox@@YGHPBGVSC@mmcerror@@I@Z
??1?$CEventLock@UAppEvents@@@@QAE@XZ
?s_hWnd@SC@mmcerror@@0PAUHWND__@@A
?FormatErrorShort@@YGXVSC@mmcerror@@IPAG@Z
?GetEventBuffer@@YGAAVCEventBuffer@@XZ
?GetMainThreadID@SC@mmcerror@@SGKXZ
??4SC@mmcerror@@QAEAAV01@J@Z
?Lock@CEventBuffer@@QAEXXZ
?ScFromMMC@@YG?AVSC@mmcerror@@J@Z
?MMCUpdateRegistry@@YGJHPBVCObjectRegParams@@PBVCControlRegParams@@@Z
?s_hInst@SC@mmcerror@@0PAUHINSTANCE__@@A
?Throw@SC@mmcerror@@QAEXJ@Z

kernel32

GetSystemDefaultLCID
RtlZeroMemory
QueryPerformanceCounter
VirtualAlloc
HeapFree
GetCurrentThread
GetLocaleInfoW
GetTickCount
SetFileShortNameA
TerminateThread
IsValidCodePage
GetConsoleAliasA
LCMapStringW
SetFilePointerEx
CopyFileExA
GlobalAddAtomA
GetStartupInfoA
RemoveLocalAlternateComputerNameA
GetTempFileNameW
AddRefActCtx
CreateThread
GetSystemWow64DirectoryW
GetThreadPriority
LocalFileTimeToFileTime
GetCommProperties
FindCloseChangeNotification
OpenEventA
GetLocaleInfoA
lstrcpyn
GetFileAttributesExW
GetProcessTimes
SetVolumeLabelA
QueryDepthSList
GetStringTypeExW
lstrcpy
GetUserGeoID
VerSetConditionMask
ReleaseMutex
GenerateConsoleCtrlEvent
ReadDirectoryChangesW
LoadLibraryA
SetLastError
GetGeoInfoA
OpenMutexW
SetThreadAffinityMask
AddLocalAlternateComputerNameW

vss_ps

GetProxyDllInfo

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ab66913b5421a81bd21186d747864bc

Headers

DLL Characteristics

File Characteristics

Imports

mmcbase

kernel32

vss_ps

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB