d3f9c4037f8b4d24f2baff1e0940d2bf238032f9343d06478b5034d0981b2cd9

General

Target

d3f9c4037f8b4d24f2baff1e0940d2bf238032f9343d06478b5034d0981b2cd9
Size

332KB
MD5

7e8eba7fb31ceab049fe43d020dc34bf
SHA1

472c49709b5bf423b05f9c516be9fcf6750c874b
SHA256

d3f9c4037f8b4d24f2baff1e0940d2bf238032f9343d06478b5034d0981b2cd9
SHA512

c64ae2051475c23e085ddb9a3b4660c5b3a7c5422926809b0892f21ac8389b78e058378384712a6b1caf73045a3d79f2304e59215f131eaf285885c7fd2df57a
SSDEEP

6144:5komG9UjBxbXqRmJhpky57BQZ/pj5xY1tq7pGeFtdb:exqR6hpf7BQdpjIbeFtdb

Score

N/A

Malware Config

Signatures

Files

d3f9c4037f8b4d24f2baff1e0940d2bf238032f9343d06478b5034d0981b2cd9
.exe windows x86

e325c885f9ac976d219cfd705de1bfc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

resutils

ClusWorkerCreate
ClusWorkerTerminate
ClusWorkerStart
ResUtilDupString
ResUtilGetBinaryValue

kernel32

GetLocaleInfoW
GetShortPathNameA
FindFirstFileA
GetDriveTypeW
GetProcAddress
ReadConsoleA
GetFileSize
GetGeoInfoW
SetConsoleTitleA
GetTickCount
SetLastError
SetCurrentDirectoryA
CreateDirectoryW
CreateMutexA
CompareStringA
GetDateFormatA
GetModuleHandleA
WaitForSingleObject
InterlockedIncrement
CreateFileA
GetDiskFreeSpaceW
WriteFile
DeleteFileA

msimg32

AlphaBlend
vSetDdrawflag

crypt32

CertDuplicateStore
CertCompareCertificate
CertNameToStrA
CertOpenStore
CertFreeCRLContext
CertDuplicateCRLContext
CertFindCTLInStore
CertFindChainInStore
CertCreateCRLContext
CryptEnumOIDInfo
CertFindExtension
CertControlStore
CertFindAttribute
CertAddStoreToCollection

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e325c885f9ac976d219cfd705de1bfc5

Headers

File Characteristics

Imports

resutils

kernel32

msimg32

crypt32

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 159KB - Virtual size: 158KB

.data Size: 44KB - Virtual size: 43KB

.rsrc Size: 1024B - Virtual size: 864B

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 159KB - Virtual size: 158KB

.data
Size: 44KB - Virtual size: 43KB

.rsrc
Size: 1024B - Virtual size: 864B

.reloc
Size: 21KB - Virtual size: 21KB