ddf9e97e0eb491925b7d3a8f6e4358d5b55167dbc75db22ef6b3b6041875f21c

General

Target

ddf9e97e0eb491925b7d3a8f6e4358d5b55167dbc75db22ef6b3b6041875f21c
Size

499KB
MD5

85140de3e36519f0d447f97ed3b01c90
SHA1

3114c7a424ef56b7d3a12eb46254357cd428fd00
SHA256

ddf9e97e0eb491925b7d3a8f6e4358d5b55167dbc75db22ef6b3b6041875f21c
SHA512

4a1ca21c49d738a489a97c57a50bf6dddb41afc5ba1353fc18968ab798c1737d3f19d847e5a5c2b3e54e27e1e31d73ba101ef6377004f93c163322ee8f32b9bc
SSDEEP

12288:OLF+iiJJx6ONuvWsEXLrbEz0tGlVpPLAaEmboLAAO:2+i4ADUC0tGlzPE2b3A

Score

N/A

Malware Config

Signatures

Files

ddf9e97e0eb491925b7d3a8f6e4358d5b55167dbc75db22ef6b3b6041875f21c
.exe windows x86

ef9169c341840fd24df9a1a5eb716263

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

crypt32

CertFindCRLInStore
CertFindAttribute
CryptFindOIDInfo
CertDuplicateStore
CertFindExtension
CertOpenStore
CertGetNameStringA
CertDuplicateCRLContext
CertCreateCRLContext
CertSaveStore
CryptEnumOIDInfo
CertCreateContext
CertDeleteCRLFromStore
CertCloseStore
CertControlStore

cabinet

Extract
FCICreate
FCIDestroy
FCIFlushCabinet

msimg32

TransparentBlt
DllInitialize

kernel32

GetFullPathNameA
GetNumberFormatA
SetVolumeLabelA
DeviceIoControl
CreateMutexA
SetEndOfFile
PurgeComm
GetVolumePathNameW
HeapValidate
GetProcessTimes
CreateEventW
GetAtomNameA
GetModuleHandleA
TlsGetValue
SetCurrentDirectoryA
GetTickCount
FindResourceA
GetLogicalDrives
GetDiskFreeSpaceA
GetProcAddress
GetEnvironmentVariableW
SetEnvironmentVariableA
lstrcmpA
MoveFileW
ReadFile
GetShortPathNameA
GetSystemInfo
GetCurrentProcess
QueryDosDeviceA
GetBinaryTypeA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 457KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef9169c341840fd24df9a1a5eb716263

Headers

File Characteristics

Imports

crypt32

cabinet

msimg32

kernel32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 457KB - Virtual size: 524KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 457KB - Virtual size: 524KB

.reloc
Size: 7KB - Virtual size: 7KB