880f2ff3d271d20d19f4b4da61cd8b330b9ba101ec0bb20ed65a3380b75b3c47

General

Target

880f2ff3d271d20d19f4b4da61cd8b330b9ba101ec0bb20ed65a3380b75b3c47
Size

274KB
MD5

83959083141e8756d990112ec992b340
SHA1

e740b2fd351b0b63c339ebe51d5b3082a7cf0f22
SHA256

880f2ff3d271d20d19f4b4da61cd8b330b9ba101ec0bb20ed65a3380b75b3c47
SHA512

8f9c06acc9d2062e3d634a8563297614f92d3dc52b68cd39affe7dd66a3538b8c42961d93087bd50a1e877041a7f1071c5289c20dae458ab4fa0d69cf0afc961
SSDEEP

6144:fKO2ehNWas0XaTfeqzsxf8nAmO4Ap3ttHNDlCgxMikeFu8:fFuas5TfjWCOP5lkeFu8

Score

N/A

Malware Config

Signatures

Files

880f2ff3d271d20d19f4b4da61cd8b330b9ba101ec0bb20ed65a3380b75b3c47
.exe windows x86

7d490b7ee5d22a5c5ee816092640fc1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwSetInformationThread
ZwCreateSection
ZwOpenEvent
ZwQuerySystemTime
ZwMapViewOfSection

msxmbios

_CIsin
QBColor
RefAry
I2I4
CommandBstr
SetAddref
ExitEachAry
RemoveDir
SetDateBstr
Sin
CySub
AppActivate
TextCmpGt
StrDate
ChangeDir
StrBool
TstGe
UI1Cy
TextCmpNe
AryUnlock
R8ValFromBstr
CySgn
HresultCheck
And
Rate
FpCDblR4
Date
OctBstrFrom
SetMemObj
UpperCaseBstr
New
DateR8
I2Str
BstrFromByte
Left
LateMemNamedCall
StrR8
gUnkAddref
I4
ErrObj
CAryUdt
LsetFixstr
LeftChar
Aryg
Div
LenChar
HexBstrFrom
LenBstrB
Type
LateIdNamedCallLd
NextEach
Xor
Int
CompareBstr
BstrFromFormat
Redim
SetUnkAddref
InvokeMethod
AryConstruct2
GetFxStr3
AryConstruct
Cat
TextTstLe
PutFxStr4
SetObjAddref
CyI2
CreateObject
gUnk
MsgBox
CopyBytesZero
ForEachCollAd

kernel32

SetProcessAffinityMask
HeapCreate
GlobalFree
VirtualFree
HeapAlloc
CreateFileA
GetCurrentProcessId
GetCommandLineW
FileTimeToDosDateTime
GetVersion
SleepEx
EnterCriticalSection
GlobalAlloc
lstrcatA
CreateEventA
LeaveCriticalSection
HeapFree
ResumeThread
HeapDestroy
ReadFile
CreateThread
VirtualAlloc

Sections

.text
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d490b7ee5d22a5c5ee816092640fc1c

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

msxmbios

kernel32

Sections

.text Size: 223KB - Virtual size: 223KB

.data Size: 17KB - Virtual size: 16KB

.rsrc Size: 33KB - Virtual size: 36KB

.text
Size: 223KB - Virtual size: 223KB

.data
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 33KB - Virtual size: 36KB