ca70dd3b8bd1177bd0bc26b5bc9f886b450b19426787a6cd12926ec5cbee7dd3

General

Target

ca70dd3b8bd1177bd0bc26b5bc9f886b450b19426787a6cd12926ec5cbee7dd3
Size

128KB
MD5

0c4eabe0683ec60b4c1a14037c57be43
SHA1

0d3fbe96750f0e0c06003f3bee7a0f6429130e57
SHA256

ca70dd3b8bd1177bd0bc26b5bc9f886b450b19426787a6cd12926ec5cbee7dd3
SHA512

88d47c224b2ebcf3a88984564ba391a4233a3640a8f034bd739239b36b9b6b6c74accc7bd6051894fc8e6287330eae1127fc576c41f096114c9c83262f80d20b
SSDEEP

3072:0VktXHzk4h7FzN1O63+IPnK2n2vBP/MqIwUyG:0/8FzN3K2CP/T7Ur

Score

N/A

Malware Config

Signatures

Files

ca70dd3b8bd1177bd0bc26b5bc9f886b450b19426787a6cd12926ec5cbee7dd3
.exe windows x86

4836a076d0caef6dac9068d858a9f959

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsW
GetProcAddress
LoadLibraryA
SetThreadExecutionState
RemoveDirectoryW
GetDefaultCommConfigW
GetTimeZoneInformation
MoveFileW
GetFileSize
GetTickCount
TransactNamedPipe
SetPriorityClass
Sleep
EnumLanguageGroupLocalesW

user32

GetTabbedTextExtentW
GetScrollRange
GetSystemMetrics
GetMessagePos
InflateRect
GetUserObjectInformationA
CreateDesktopW
GetWindowTextW
GetClassNameW
SetWindowPlacement
DlgDirListComboBoxW
CopyIcon
GetCaretBlinkTime
SetSystemCursor
GetLastActivePopup
GetInputState

gdi32

ExcludeClipRect
Ellipse

advapi32

GetAclInformation
SetTokenInformation
LookupPrivilegeValueA

Exports

Exports

NcfCa
NcfDpfbnz
NcfGj
NcfGkgp
NcfKrvdi
NcfLarph
NcfQobbts
NcfTwaqfc
NcfUwt
NcfWiwnm
NcfZhyqqx

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 414KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4836a076d0caef6dac9068d858a9f959

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 414KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 414KB

.reloc
Size: 11KB - Virtual size: 11KB