b6c8c59b3fe3db1c5cc17e8b753e60e7efcb0b213e616faeff3e918dfea1b4c8

Sharing

Copy URL Twitter E-mail

General

Target

b6c8c59b3fe3db1c5cc17e8b753e60e7efcb0b213e616faeff3e918dfea1b4c8
Size

58KB
MD5

9305916b754f338c2dbe9d3088c025ce
SHA1

01cae16718aab1fd6c7515a934380265d5813f0e
SHA256

b6c8c59b3fe3db1c5cc17e8b753e60e7efcb0b213e616faeff3e918dfea1b4c8
SHA512

14931fd03af37b020ad7b3a3cb550d1de00ae5ed08d72a812cb199462d9067e4fc74b40540fdb2e9a7f98ee4f2b1e7650eac4f31cb7549702fb8e1ac87d8b986
SSDEEP

1536:qECIi8q1u1LxeFWL1sNgCTBguHCCuyFo9s0Ydf2AlmTui5PgWQ:qEC80ufe2KNhViCuGdfQuiQ

Score

N/A

Malware Config

Signatures

Files

b6c8c59b3fe3db1c5cc17e8b753e60e7efcb0b213e616faeff3e918dfea1b4c8
.exe windows x86

815c7dc7988248ee82614983ca4fad81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

_findnext
_getdllprocaddr
fgets
_mbctype
_pipe
_fgetchar
realloc
_spawnvp
_mbscmp
_strnextc
_rmtmp
_fileinfo_dll
_tempnam
_spawnv
cosh
_tell
_heapchk
_baseversion_dll
_ultoa
_mbsdec
_wcsupr
_dup
_ungetch
wcspbrk

msvcrt40

??0streambuf@@IAE@XZ
?unlockbuf@ios@@QAAXXZ
??0strstreambuf@@QAE@PADH0@Z
_wcsncoll
asctime
??4ostream_withassign@@QAEAAV0@ABV0@@Z
__argv
iswalnum
?stossc@streambuf@@QAEXXZ
_ismbbkprint
modf
?is_open@ifstream@@QBEHXZ
??1istrstream@@UAE@XZ
?rdbuf@ios@@QBEPAVstreambuf@@XZ
??6ostream@@QAEAAV0@PBD@Z
_wgetcwd
_ultow
_heapset
fprintf
atoi
_isctype
?lockbuf@ios@@QAAXXZ

msvcirt

?sputn@streambuf@@QAEHPBDH@Z
??_7ios@@6B@
??_Eofstream@@UAEPAXI@Z
??5istream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
?blen@streambuf@@IBEHXZ
??_Diostream@@QAEXXZ
??5istream@@QAEAAV0@PAD@Z
??4ostream_withassign@@QAEAAVostream@@ABV1@@Z
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?xsputn@streambuf@@UAEHPBDH@Z
??0stdiobuf@@QAE@ABV0@@Z
?peek@istream@@QAEHXZ
?clrlock@ios@@QAAXXZ
??5istream@@QAEAAV0@AAM@Z
?is_open@ifstream@@QBEHXZ
??4ofstream@@QAEAAV0@ABV0@@Z
??0strstream@@QAE@XZ
??_Eostrstream@@UAEPAXI@Z
??_Distream_withassign@@QAEXXZ
?iword@ios@@QBEAAJH@Z
?ws@@YAAAVistream@@AAV1@@Z
??_Dostrstream@@QAEXXZ

kernel32

HeapCreate
GetPrivateProfileStructA
IsDBCSLeadByteEx
WritePrivateProfileStructW
ReadProcessMemory
QueueUserAPC
LoadLibraryA
CreateFileA
GetConsoleAliasA
PrivCopyFileExW
FindFirstFileExW
SetComputerNameW
GetDriveTypeW
GetCurrencyFormatW
SetLastError
QueryPerformanceCounter
ReadConsoleInputExA
GetSystemTime
GetPrivateProfileSectionNamesW
CreateToolhelp32Snapshot
VirtualQuery
_hread
WaitCommEvent
CommConfigDialogA
LoadResource
DelayLoadFailureHook
VirtualAlloc
CreateDirectoryA
GetSystemDirectoryW

olecli32

MfGetData
BmDraw
OleRevertClientDoc
OleEqual
MfChangeData
DefCreate
LeCopy
DibClone
GenRelease
MfDraw
BmChangeData
LeSetTargetDevice
OleQueryType
WEP
LeSetUpdateOptions
SrvrWndProc
OleUpdate
ErrQueryProtocol
OleExecute
ErrObjectConvert
DibRelease
ErrQueryOpen
ErrSetData
OleRegisterClientDoc
PbCreate
LeQueryBounds
LeEnumFormat

pdh

PdhBrowseCountersHW
PdhListLogFileHeaderA
PdhVbCreateCounterPathList
PdhOpenQuery
PdhGetFormattedCounterArrayW
PdhBindInputDataSourceW
PdhValidatePathW
PdhGetLogFileSize
PdhVbGetOneCounterPath
PdhVbGetDoubleCounterValue
PdhUpdateLogA
PdhVerifySQLDBW
PdhGetDllVersion
PdhLookupPerfNameByIndexA
PdhSelectDataSourceA
PdhGetCounterInfoA
PdhGetRawCounterArrayW
PdhSetLogSetRunID
PdhCollectQueryDataEx
PdhConnectMachineW
PdhOpenQueryW
PdhExpandWildCardPathHW
PdhGetDataSourceTimeRangeA
PdhEnumMachinesA

cmutil

??1CIniW@@QAE@XZ
?GetPrimaryFile@CIniW@@QBEPBGXZ
CmStrStrW
CmFmtMsgW
?GPPS@CIniA@@QBEPADPBD00@Z
?GetLogFilePath@CmLogFile@@QAEPBGXZ
?GetSection@CIniW@@QBEPBGXZ
?Start@CmLogFile@@QAEJH@Z
SzToWzWithAlloc
?CIniA_DeleteEntryFromReg@CIniA@@IBEHPAUHKEY__@@PBD1@Z
??4CmLogFile@@QAEAAV0@ABV0@@Z
?SetHInst@CIniW@@QAEXPAUHINSTANCE__@@@Z
?Stop@CmLogFile@@QAEJXZ
CmRealloc
WzToSz
MakeBold
?SetEntry@CIniW@@QAEXPBG@Z
GetOSVersion
CmStrrchrA
?SetEntryFromIdx@CIniW@@QAEXK@Z
?CIniA_GetEntryFromReg@CIniA@@IBEPAEPAUHKEY__@@PBD1KK@Z
CmLoadSmallIconA
?Clear@CmLogFile@@QAEXH@Z

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

815c7dc7988248ee82614983ca4fad81

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

msvcrt40

msvcirt

kernel32

olecli32

pdh

cmutil

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 18KB - Virtual size: 61KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 512B - Virtual size: 268B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 18KB - Virtual size: 61KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 512B - Virtual size: 268B