960cb9b480da62a5f252bacb185069c069074a86477590245db2b59e390b63b9

General

Target

960cb9b480da62a5f252bacb185069c069074a86477590245db2b59e390b63b9
Size

152KB
MD5

806340be909c29bd86a202f791f72a20
SHA1

973febf6ebedd9297b4fadf7d2999c6716f39a19
SHA256

960cb9b480da62a5f252bacb185069c069074a86477590245db2b59e390b63b9
SHA512

8f1a86b23b2ded95e973c6c65080e4b2cf350403697fd208788a6df50c84b77431fdf41d345a3d883ecd6c36acd2aa503b076ef11b1009102d4875474b006b36
SSDEEP

1536:N94JsISmNQVUubxWeQmsqaMdWu4yS5xNXA6Mq4LwDdFqq8g9EsEX1Ig:N94JsIW5lWosOdWq0x1x4U/WsI

Score

N/A

Malware Config

Signatures

Files

960cb9b480da62a5f252bacb185069c069074a86477590245db2b59e390b63b9
.dll windows x86

c5f471220f6140b07618807c673b556d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
LCMapStringW
LockResource
ExpandEnvironmentStringsA
WriteConsoleOutputCharacterA
_llseek
EnterCriticalSection
EnumResourceTypesA
GetConsoleTitleW
CreateHardLinkW
GetLocalTime
GetCommandLineA
VirtualAlloc
lstrcpynA
SetConsoleActiveScreenBuffer
EnumResourceTypesW
WriteProfileStringW
GetTimeZoneInformation
GetShortPathNameA
TerminateThread
GetLocaleInfoW
GetConsoleMode
GetTempPathA
QueueUserAPC
SetDefaultCommConfigA
lstrcatA
HeapReAlloc
GetModuleFileNameA
MoveFileWithProgressW
GetTapeStatus
GetFileInformationByHandle
VirtualAlloc

msvcrt

memcpy
strlen

advapi32

InitiateSystemShutdownExW
EnumServicesStatusExA
SetAclInformation
FindFirstFreeAce
CryptDeriveKey
OpenEventLogA
GetFileSecurityA
CreatePrivateObjectSecurityEx
GetFileSecurityW
ReadEventLogA

Exports

Exports

CellBackup
CellRibbonDesktop

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5f471220f6140b07618807c673b556d

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 40KB

.data Size: 9KB - Virtual size: 9KB

.idata Size: 97KB - Virtual size: 96KB

.edata Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 28KB

.text
Size: 41KB - Virtual size: 40KB

.data
Size: 9KB - Virtual size: 9KB

.idata
Size: 97KB - Virtual size: 96KB

.edata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 28KB