885bd1f7da66a6fd57131d75c7074836565fddcc6c9fedf6f7bb71a4544d4906

Sharing

Copy URL

Twitter E-mail

General

Target

885bd1f7da66a6fd57131d75c7074836565fddcc6c9fedf6f7bb71a4544d4906
Size

424KB
MD5

823ece0c42f0a1527a81efe1cff9591a
SHA1

dc0fc3de6b66447a632d1055fe58d59e2f3c0099
SHA256

885bd1f7da66a6fd57131d75c7074836565fddcc6c9fedf6f7bb71a4544d4906
SHA512

c651c4641f9edc780b9eee94342eeafb0d074cbe3a196660c9c55e7ba54c653dfe6e9112e329ff6d1361cd43939725ae5d0b708042d28e51c1c99151af45a360
SSDEEP

6144:BJOrslDNrfqw5W9RtPLal1tBzAF2Rg/zUZjpMWMl4ZC824UzHoXbftChXW3AxfuJ:BJOrSNr4S77zAJzUZ1azKblCJxfS6

Score

N/A

Malware Config

Signatures

Files

885bd1f7da66a6fd57131d75c7074836565fddcc6c9fedf6f7bb71a4544d4906
.exe windows x86

6e702a124209885e8c0aaa8e5a14f9c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

pdh

PdhGetCounterInfoW

user32

wsprintfW

imm32

ImmDestroyContext

ole32

HMENU_UserUnmarshal

comdlg32

PageSetupDlgW
ChooseColorA

kernel32

SetFirmwareEnvironmentVariableA
CreateThread
SetFilePointerEx
GetTapeStatus
GetModuleFileNameA
DeleteTimerQueue
HeapWalk
GetFirmwareEnvironmentVariableA
GlobalMemoryStatusEx

urlmon

CoInternetCombineUrl

ntdsapi

DsFreeSpnArrayA

clusapi

OpenCluster

oleaut32

VarCyFromI1

msvcrt

isalnum
memcpy
wcstoul

setupapi

SetupBackupErrorA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ordo
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.t
Size: 4KB - Virtual size: 46B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mrt1
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e702a124209885e8c0aaa8e5a14f9c1

Headers

File Characteristics

Imports

pdh

user32

imm32

ole32

comdlg32

kernel32

urlmon

ntdsapi

clusapi

oleaut32

msvcrt

setupapi

Sections

.text Size: 12KB - Virtual size: 11KB

ordo Size: 4KB - Virtual size: 1KB

.t Size: 4KB - Virtual size: 46B

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 100KB - Virtual size: 367KB

.mrt1 Size: 100KB - Virtual size: 97KB

CODE Size: 100KB - Virtual size: 97KB

.rsrc Size: 96KB - Virtual size: 94KB

.text
Size: 12KB - Virtual size: 11KB

ordo
Size: 4KB - Virtual size: 1KB

.t
Size: 4KB - Virtual size: 46B

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 100KB - Virtual size: 367KB

.mrt1
Size: 100KB - Virtual size: 97KB

CODE
Size: 100KB - Virtual size: 97KB

.rsrc
Size: 96KB - Virtual size: 94KB