55df94a859b4a69433621cfcc07a9c66fad4a289d427e901ff4924043a90b568

Sharing

Copy URL

Twitter E-mail

General

Target

55df94a859b4a69433621cfcc07a9c66fad4a289d427e901ff4924043a90b568
Size

822KB
MD5

54332300b84dc6e8d6ecffc0ce820aff
SHA1

b33f83e703be6c0707a7435e2d5f86e3ede6b3b7
SHA256

55df94a859b4a69433621cfcc07a9c66fad4a289d427e901ff4924043a90b568
SHA512

0000e6659e04532d33391575cf794dde604bbf80304a7f72affc80fcd3f0f685ac6d72fcaa81586800ce5f3725a242482683f2d166054df01776b27fc764edb9
SSDEEP

12288:m4H2NPUUzd9YX1MWAVQMNxnwwif50WaNyUA/wgQUYwnpCS3NiujR4qcUXfXRmno:8NcUp9YX1ZUnw7J//iW8S3Mut0UPXRm

Score

N/A

Malware Config

Signatures

Files

55df94a859b4a69433621cfcc07a9c66fad4a289d427e901ff4924043a90b568
.exe windows x86

80f6295eb315d6a9677bf9d99259eb58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

_strtime
_mbscspn
_sys_errlist
iswprint
_ismbcsymbol
ispunct
_initterm
_CIatan2
_locking
_strinc
_strerror
_ismbbprint
_CIcosh
wctomb
pow
getenv
_strnextc
_fsopen
_getw
strtol
fflush
_toupper
_wcsdup
_assert
ferror
ldiv
_fputwchar

ntdll

RtlDowncaseUnicodeChar
RtlFindCharInUnicodeString
RtlSetOwnerSecurityDescriptor
NtGetWriteWatch
RtlCreateUserProcess
RtlGetLastNtStatus
NtQueryDefaultUILanguage
RtlGetCompressionWorkSpaceSize
ZwDebugActiveProcess
_wtoi
wcscat
ZwSetSystemEnvironmentValue
RtlInitializeBitMap
RtlLargeIntegerToChar
NtVdmControl
RtlFreeHeap
CsrSetPriorityClass
ZwAccessCheckByTypeResultList
_splitpath
strncat
RtlGetLastWin32Error
RtlDeregisterWait
NtSetSystemPowerState
abs
RtlVerifyVersionInfo
ZwQueryDebugFilterState
_wcslwr
NtQueryEaFile
CsrCaptureTimeout
ZwLockFile
RtlAppendStringToString
isprint
DbgPrint

kernel32

GetSystemTimeAsFileTime
BaseCleanupAppcompatCacheSupport
LZSeek
CreateDirectoryA
ConsoleMenuControl
LoadLibraryA
QueryPerformanceCounter
IsBadHugeReadPtr
WriteConsoleOutputA
GetProfileSectionA
GetConsoleAliasExesLengthA
GetConsoleTitleA
ScrollConsoleScreenBufferA
GetLongPathNameW
RtlFillMemory
GlobalLock
MoveFileWithProgressW
SetCommMask
FindResourceA
SetNamedPipeHandleState
WriteFileEx
WritePrivateProfileSectionA
GetCalendarInfoW
VirtualAlloc
DeleteFileA
ExitProcess
RemoveDirectoryW
GetProcessHeaps
LZOpenFileA
GetModuleHandleA
GetAtomNameW
GetCalendarInfoA
VerLanguageNameW
GetProcessIoCounters
GetShortPathNameA
EnumResourceTypesW
SetConsoleCP

modemui

InvokeControlPanel
ModemCplDlgProc
CountryRunOnce
drvCommConfigDialogW
drvGetDefaultCommConfigW
drvCommConfigDialogA
UnimodemGetExtendedCaps
UnimodemDevConfigDialog
drvSetDefaultCommConfigA
drvGetDefaultCommConfigA
drvSetDefaultCommConfigW
ModemPropPagesProvider
UnimodemGetDefaultCommConfig
QueryModemForCountrySettings

Sections

.text
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80f6295eb315d6a9677bf9d99259eb58

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

ntdll

kernel32

modemui

Sections

.text Size: 404KB - Virtual size: 403KB

.rdata Size: 121KB - Virtual size: 120KB

.data Size: 188KB - Virtual size: 1.5MB

.rsrc Size: 107KB - Virtual size: 106KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 404KB - Virtual size: 403KB

.rdata
Size: 121KB - Virtual size: 120KB

.data
Size: 188KB - Virtual size: 1.5MB

.rsrc
Size: 107KB - Virtual size: 106KB

.reloc
Size: 1KB - Virtual size: 1KB