b2c8dbe3a99ebb69ff6d26f04435b5c8051f8910d2e514c554f0b12614c621f0

Sharing

Copy URL Twitter E-mail

General

Target

b2c8dbe3a99ebb69ff6d26f04435b5c8051f8910d2e514c554f0b12614c621f0
Size

137KB
MD5

92decc1ed2d4e1a3ff7cf7d1d68a8fc0
SHA1

dab5c3d2a58a74f616b0f845e80fb1d433a5da52
SHA256

b2c8dbe3a99ebb69ff6d26f04435b5c8051f8910d2e514c554f0b12614c621f0
SHA512

f039c9fbb993dc94f537ae2627d967000b7238590d5ec400e28d6da5a017a43cfea067172f1a4d41168cd34de8603f6d581a3115dec5d2fc212c9324a1becf76
SSDEEP

3072:4iuDQDTO9wYopVIQ1iiVrbd8lHg/uIirWmtz:j1DTO9wDVrbt/u1rWqz

Score

N/A

Malware Config

Signatures

Files

b2c8dbe3a99ebb69ff6d26f04435b5c8051f8910d2e514c554f0b12614c621f0
.exe windows x86

f833bf56e9ad8c2825d810cfac3791a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ndsapi

NDS_GetSelectedProfileCS
NDS_SwitchTempProfile
NDS_GetProfile
NDS_SwitchProfile
NDS_SetSelectedProfile
NDS_EnableDevice
NDS_GetNetNameByDevID
NDS_AbortSwitch
??1NDS_PF@@QAE@XZ
??0NDS_PF@@QAE@XZ
??1NDS_DEVICE@@QAE@XZ
??0NDS_DEVICE@@QAE@XZ
iasDisconnectConnectionEntry
iasConnectConnectionEntry
NDS_GetCurrentProfile

mfc80

ord6090
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801
ord6278
ord5119
ord4014
ord4038
ord2322
ord2405
ord2387
ord2385
ord2403
ord3648
ord2415
ord2392
ord2408
ord2413
ord2396
ord395
ord2398
ord635
ord2400
ord2394
ord2410
ord562
ord2390
ord751
ord934
ord4299
ord930
ord932
ord928
ord5165
ord923
ord4265
ord5233
ord5235
ord5960
ord1600
ord4277
ord5205
ord4722
ord4250
ord3403
ord1084
ord3806
ord1071
ord2173
ord1160
ord4185
ord6275
ord5073
ord1908
ord5148
ord4244
ord1402
ord3945
ord1617
ord1620
ord5915
ord6725
ord1557
ord4019
ord2424
ord2425
ord2992
ord5356
ord4486
ord943
ord2862
ord4904
ord5200
ord2939
ord1599
ord4135
ord1655
ord4309
ord1656
ord5012
ord1964
ord5009
ord1362
ord2615
ord4967
ord1913
ord1010
ord2246
ord6277
ord3802
ord6279
ord1522
ord3466
ord2172
ord2178
ord3255
ord334
ord593
ord557
ord745
ord5124
ord5716
ord310
ord578
ord1486
ord781
ord1185
ord5102
ord6219
ord5382
ord762
ord3832
ord1054
ord1920
ord1126
ord2931
ord3830
ord5224
ord5226
ord2248
ord3948
ord4568
ord5230
ord5213
ord5566
ord2537
ord2731
ord2835
ord757
ord4307
ord566
ord2714
ord2838
ord2540
ord2646
ord2533
ord3683
ord3718
ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord764
ord1207
ord1306
ord3345

msvcr80

__p__commode
__p__fmode
__set_app_type
_except_handler4_common
?terminate@@YAXXZ
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__CxxFrameHandler3
fclose
atoi
fseek
ftell
fprintf
fgets
_stricmp
fopen
_splitpath_s
sprintf
_splitpath
free
sprintf_s
malloc
memset
_setmbcp
_adjust_fdiv

kernel32

GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GetLastError
GetSystemTimeAsFileTime
GetCurrentProcessId
CloseHandle
DisconnectNamedPipe
CallNamedPipeA
Sleep
GetModuleFileNameA
FreeLibrary
LoadLibraryA
GetProcAddress
GetLocalTime
GetCurrentThreadId
GetTempPathA
CreateThread
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
CreateMutexA

user32

PostMessageA
UpdateWindow

advapi32

SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor

comctl32

InitCommonControlsEx

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f833bf56e9ad8c2825d810cfac3791a3

Headers

File Characteristics

Imports

ndsapi

mfc80

msvcr80

kernel32

user32

advapi32

comctl32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 104KB - Virtual size: 104KB