0e87d64ff1b2b491c5f38e4dea51aafddd1bb7b7db4d954efcd4440a299e3b59

Sharing

Copy URL Twitter E-mail

General

Target

0e87d64ff1b2b491c5f38e4dea51aafddd1bb7b7db4d954efcd4440a299e3b59
Size

626KB
MD5

964aa1e3db07f30040e9a442a041909e
SHA1

fb1f778e03e18fbac67c9ff6e2ac9adea674c264
SHA256

0e87d64ff1b2b491c5f38e4dea51aafddd1bb7b7db4d954efcd4440a299e3b59
SHA512

3253ddbd4b58b73001d2e30ee7540842a0a81f719b097e0678e872d4fd1b675e4a3b4ac2bd5d5d0dd30e30ac56f3d0044d8d8b62a828e504867de56bffb48709
SSDEEP

12288:e0Y3rgoeDaBcClIfQsxgVq5ontUg/JywIdwAVRHS5iaDexHKiXIzzyVcuD4158Kk:ND4lI4s+Vq50GghywIdwAVRHS5iaDexr

Score

N/A

Malware Config

Signatures

Files

0e87d64ff1b2b491c5f38e4dea51aafddd1bb7b7db4d954efcd4440a299e3b59
.exe windows x86

f2177ecc673dae04436ff4acbdd10c15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_except_handler3
??1type_info@@UAE@XZ
__p__fmode
?terminate@@YAXXZ
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
_wtol
malloc
realloc
wcsstr
free
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
_wcsicmp
wcsncpy
_wgetcwd
_c_exit
_exit
_XcptFilter
_cexit
_controlfp
exit
calloc
wcstod
wcstol
wcsncmp
fflush
fprintf
wcschr
strtok
wcslen
_wcsnicmp
sprintf
wcstok
_iob

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
GetTokenInformation
LookupAccountSidW
RegSetValueExW
RegConnectRegistryW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken

kernel32

VerSetConditionMask
VerifyVersionInfoW
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetTimeFormatW
WideCharToMultiByte
OpenProcess
GetStdHandle
GetConsoleScreenBufferInfo
CloseHandle
GetLogicalDrives
GetDriveTypeW
GetVolumeInformationW
lstrcpynW
FindFirstFileW
FindClose
SetConsoleCursorPosition
WriteConsoleW
LocalFree
FormatMessageW
ReadConsoleW
ReadFile
SetConsoleMode
GetConsoleMode
FileTimeToSystemTime
GetComputerNameExW
GetCurrentProcess
QueryPerformanceCounter
lstrlenW
lstrcpyW
SetLastError
lstrcmpW
lstrcatW
lstrcmpiW
GetLastError
CompareStringW
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
GetProcAddress
GetComputerNameW
MultiByteToWideChar
VirtualQuery
VirtualAlloc
VirtualFree

ntdll

RtlDestroyQueryDebugBuffer
RtlFreeHeap
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlAllocateHeap
NtQuerySystemInformation
RtlInitUnicodeString

user32

LoadStringW
CharUpperW
wsprintfW

mpr

WNetGetLastErrorW
WNetCancelConnection2W
WNetAddConnection2W

netapi32

NetFileClose
NetApiBufferFree
NetFileEnum
NetServerGetInfo

secur32

GetUserNameExW

ws2_32

WSACleanup
gethostbyaddr
inet_addr
WSAGetLastError
WSAStartup
gethostbyname

framedyn

?Left@CHString@@QBE?AV1@H@Z
?Mid@CHString@@QBE?AV1@HH@Z
??4CHString@@QAEABV0@ABV0@@Z
?Format@CHString@@QAAXPBGZZ
??0CHString@@QAE@XZ
??4CHString@@QAEABV0@PBG@Z
??1CHString@@QAE@XZ
?GetData@CHString@@IBEPAUCHStringData@@XZ
?MakeUpper@CHString@@QAEXXZ
?Find@CHString@@QBEHPBG@Z
?Right@CHString@@QBE?AV1@H@Z
??YCHString@@QAEABV0@PBG@Z
?Mid@CHString@@QBE?AV1@H@Z
?TrimRight@CHString@@QAEXXZ
??0CHString@@QAE@PBG@Z

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 21B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: 560KB - Virtual size: 1.7MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f2177ecc673dae04436ff4acbdd10c15

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

ntdll

user32

mpr

netapi32

secur32

ws2_32

framedyn

Sections

.text Size: 46KB - Virtual size: 45KB

.data Size: 512B - Virtual size: 3KB

.tls Size: 512B - Virtual size: 21B

.rsrc Size: 18KB - Virtual size: 17KB

.vmp1 Size: 560KB - Virtual size: 1.7MB

.text
Size: 46KB - Virtual size: 45KB

.data
Size: 512B - Virtual size: 3KB

.tls
Size: 512B - Virtual size: 21B

.rsrc
Size: 18KB - Virtual size: 17KB

.vmp1
Size: 560KB - Virtual size: 1.7MB