8cd1a76b0cdc8a1f5b6c8d51d8d4d8f125abf8957e739e247e2b0dd8fd9c3dc5

Sharing

Copy URL Twitter E-mail

General

Target

8cd1a76b0cdc8a1f5b6c8d51d8d4d8f125abf8957e739e247e2b0dd8fd9c3dc5
Size

368KB
MD5

829dc385f4fafdb998053432121222a0
SHA1

28af0a866bae2bbdef8325a224f2400c6bf38daa
SHA256

8cd1a76b0cdc8a1f5b6c8d51d8d4d8f125abf8957e739e247e2b0dd8fd9c3dc5
SHA512

cd09f4abeb994c7818e29f11c043aabda0f6a66d4f3398eb47a97442ae34741ac67a7f4f44c23471178f3cc3084650ab3c39799a5a859f07cd714226a905a8f1
SSDEEP

6144:UEaT9bmm8oGLsP6uN5d73jI1fkCkXBkaidG8fG9v/occU4bUSkc:U1T9bWsP6uN5RXvXhk/f4/oW

Score

N/A

Malware Config

Signatures

Files

8cd1a76b0cdc8a1f5b6c8d51d8d4d8f125abf8957e739e247e2b0dd8fd9c3dc5
.exe windows x86

a0ddbef908d9eb3aebc6f72032444902

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

ufat

?Set12@FAT@@AAEXKK@Z
??0FILEDIR@@QAE@XZ
?IsValidCreationTime@FAT_DIRENT@@QBEEXZ
??0REAL_FAT_SA@@QAE@XZ
??1REAL_FAT_SA@@UAE@XZ
?QueryLastWriteTime@FAT_DIRENT@@QBEEPAT_LARGE_INTEGER@@@Z
?IsValidLastWriteTime@FAT_DIRENT@@QBEEXZ
?AllocChain@FAT@@QAEKKPAK@Z
?QueryNthCluster@FAT@@QBEKKK@Z
??1FAT_SA@@UAE@XZ
?QueryEaSetClusterNumber@EA_HEADER@@QBEGG@Z
??1EA_SET@@UAE@XZ
?QueryName@FAT_DIRENT@@QBEEPAVWSTRING@@@Z
?SearchForDirEntry@FATDIR@@QAEPAXPBVWSTRING@@@Z
?QueryLengthOfChain@FAT@@QBEKKPAK@Z
?Initialize@ROOTDIR@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@KJ@Z
??0CLUSTER_CHAIN@@QAE@XZ
?InitFATChkDirty@REAL_FAT_SA@@QAEEPAVLOG_IO_DP_DRIVE@@PAVMESSAGE@@@Z
??1FAT_DIRENT@@UAE@XZ
?Initialize@EA_SET@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@PAVFAT_SA@@PBVFAT@@KK@Z
?QueryFreeSectors@REAL_FAT_SA@@QBEKXZ
??0EA_HEADER@@QAE@XZ
??1CLUSTER_CHAIN@@UAE@XZ
ChkdskEx
??0ROOTDIR@@QAE@XZ
?QueryLongName@FATDIR@@QAEEJPAVWSTRING@@@Z
?QueryLastAccessTime@FAT_DIRENT@@QBEEPAT_LARGE_INTEGER@@@Z

kernel32

GetVersionExW
TlsSetValue
GlobalAlloc
CommConfigDialogW
EraseTape
OpenWaitableTimerW
SetThreadLocale
GetDefaultCommConfigA
CreateFileMappingW
EnumResourceLanguagesW
FindActCtxSectionStringW
GetCurrentActCtx
DefineDosDeviceW
IsProcessorFeaturePresent
SetConsoleCursor
WriteConsoleOutputCharacterW
WriteProfileStringA
WritePrivateProfileStructA
SetPriorityClass
AreFileApisANSI
GetHandleInformation
QueryPerformanceCounter
GetSystemDirectoryW
EscapeCommFunction
QueryActCtxW
CreateFileMappingA
GetBinaryTypeW
GetFileInformationByHandle
CompareFileTime
GetTimeFormatA
ReadDirectoryChangesW
RegisterWowBaseHandlers
FlushFileBuffers
GetCurrentThread
GetProcessTimes
ShowConsoleCursor
HeapUnlock
AddLocalAlternateComputerNameA
SetClientTimeZoneInformation
FreeEnvironmentStringsW
GetPriorityClass
ReplaceFileW
AddVectoredExceptionHandler
EnumCalendarInfoA
LoadLibraryA
CreateMutexA
GetExitCodeProcess
WriteFileEx
LocalAlloc
InterlockedExchange
lstrcpyW
ConsoleMenuControl
SetTimerQueueTimer
GetEnvironmentStringsW
GetConsoleCursorMode
EnumResourceLanguagesA
VirtualAllocEx
GetConsoleProcessList
VirtualAlloc
FormatMessageW
GetGeoInfoW
GetNumberOfConsoleFonts
GetCommandLineW
MoveFileWithProgressW
QueryMemoryResourceNotification
GetTimeZoneInformation
RequestWakeupLatency
Thread32First
GetSystemInfo
IsBadCodePtr
VirtualLock

msvcrt40

?sgetc@streambuf@@QAEHXZ
_wtol
_ismbcgraph
sinh
iscntrl
_strnicoll
_mbctolower
fgets
?str@ostrstream@@QAEPADXZ
strchr
__setusermatherr
_wenviron
_putw
??_Gstrstreambuf@@UAEPAXI@Z
_telli64
_control87
_fputwchar
??0__non_rtti_object@@QAE@PBD@Z
_mbsnbcoll
??_8ostrstream@@7B@
_kbhit
gmtime
?init@ios@@IAEXPAVstreambuf@@@Z
?put@ostream@@QAEAAV1@C@Z
getwchar
acos
?ws@@YAAAVistream@@AAV1@@Z
strtol
?open@ifstream@@QAEXPBDHH@Z

gdi32

GetLayout
GdiDeleteLocalDC
DeviceCapabilitiesExW
SetICMProfileW
SetWindowOrgEx
ResetDCW
SelectBrushLocal
DdEntry38
CreateRoundRectRgn
GetEUDCTimeStampExW
GdiGradientFill
AddFontMemResourceEx
PolyPolygon
GetDCBrushColor
CreateEnhMetaFileA
HT_Get8BPPMaskPalette
WidenPath
SetMapperFlags
GetCharABCWidthsFloatW
GdiSetLastError
GetGlyphIndicesW
CreateColorSpaceW
GetTextExtentExPointI
STROBJ_dwGetCodePage
EngDeleteClip
ScaleWindowExtEx
Polygon
EngAlphaBlend
GdiArtificialDecrementDriver

cfgmgr32

CM_Get_First_Log_Conf_Ex
CM_Unregister_Device_InterfaceA
CM_Get_Class_Registry_PropertyA
CM_Get_Hardware_Profile_Info_ExW
CM_Get_HW_Prof_FlagsA
CM_Set_HW_Prof_FlagsW
CM_Get_Child_Ex
CM_Get_Device_Interface_List_Size_ExW
CM_Find_Range
CM_Set_Class_Registry_PropertyW
CM_Enumerate_Enumerators_ExA
CMP_RegisterNotification
CM_Disconnect_Machine
CM_Set_DevNode_Registry_Property_ExA
CM_Set_Class_Registry_PropertyA
CM_Disable_DevNode_Ex
CM_Get_DevNode_Registry_PropertyA
CM_Get_Resource_Conflict_DetailsA
CM_Get_Device_ID_List_ExA
CM_Setup_DevNode
CM_Query_Arbitrator_Free_Data_Ex
CM_Delete_Class_Key_Ex
CM_Query_And_Remove_SubTreeA
CM_Unregister_Device_Interface_ExW
CM_Request_Eject_PC_Ex
CM_Test_Range_Available
CM_Intersect_Range_List
CM_Get_DevNode_Registry_PropertyW
CM_Disable_DevNode
CM_Get_Device_Interface_ListA
CMP_Init_Detection
CM_Get_Device_ID_Size
CM_Get_Global_State
CM_Set_HW_Prof_Flags_ExA
CM_Free_Log_Conf_Ex
CMP_WaitServicesAvailable
CM_Uninstall_DevNode_Ex
CM_Set_HW_Prof_FlagsA
CM_Free_Res_Des_Ex
CM_Get_Hardware_Profile_InfoA
CM_Get_Class_Key_Name_ExA
CM_Get_HW_Prof_Flags_ExA
CM_Connect_MachineW
CM_Delete_DevNode_Key
CM_Set_DevNode_Registry_PropertyW

iphlpapi

GetIpStatistics
GetIcmpStatistics
_PfBindInterfaceToIPAddress@12
NhGetGuidFromInterfaceName
do_echo_req
GetAdaptersInfo
GetFriendlyIfIndex
_PfAddGlobalFilterToInterface@8
Icmp6SendEcho2
InternalSetIpNetEntry
NhGetInterfaceNameFromDeviceGuid
InternalCreateIpForwardEntry
GetBestInterface
GetIpForwardTable
InternalSetIpForwardEntry
IcmpCloseHandle
_PfDeleteInterface@4
InternalSetTcpEntry
_PfRemoveFilterHandles@12
GetBestRoute
GetUdpStatistics
GetPerAdapterInfo
RestoreMediaSense
_PfAddFiltersToInterface@24
_PfRebindFilters@8
GetRTTAndHopCount
SetTcpEntry
InternalSetIfEntry
NTPTimeToNTFileTime
NhpAllocateAndGetInterfaceInfoFromStack
AllocateAndGetIpAddrTableFromStack
GetIfTable
DeleteIpNetEntry
GetAdapterIndex
CreateProxyArpEntry
_PfDeleteLog@0
DeleteIPAddress
InternalGetIpNetTable
GetIpNetTable
register_icmp

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0ddbef908d9eb3aebc6f72032444902

Headers

File Characteristics

Imports

ufat

kernel32

msvcrt40

gdi32

cfgmgr32

iphlpapi

Sections

.text Size: 76KB - Virtual size: 76KB

.rdata Size: 112KB - Virtual size: 112KB

.data Size: 1KB - Virtual size: 484KB

.rsrc Size: 177KB - Virtual size: 177KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 76KB - Virtual size: 76KB

.rdata
Size: 112KB - Virtual size: 112KB

.data
Size: 1KB - Virtual size: 484KB

.rsrc
Size: 177KB - Virtual size: 177KB

.reloc
Size: 1024B - Virtual size: 1024B