7eb4e6deeda00244fb0a0eb386b8272d45c3475b2fafcc6225166d469d76f33f

Sharing

Copy URL

Twitter E-mail

General

Target

7eb4e6deeda00244fb0a0eb386b8272d45c3475b2fafcc6225166d469d76f33f
Size

50KB
MD5

a18ecfc1beb40aaf081d2a21ca95d550
SHA1

bcc9e7f8267e9e913b69d52c40243d424b4512ae
SHA256

7eb4e6deeda00244fb0a0eb386b8272d45c3475b2fafcc6225166d469d76f33f
SHA512

450aaa267d25c04163058039c0056a2e8515be8c67f4c8a1bc1f44513a3434393bbaadf78aefa9072951530e85bf6e13214bb09ea37f59f57440040d3c71da3e
SSDEEP

1536:m+fOXqo9Od1LxSY+A37feaCMJDmYsLIb4PvYqHB/AfJ:ROf9Od1NSDADeak7dJHB/Ax

Score

N/A

Malware Config

Signatures

Files

7eb4e6deeda00244fb0a0eb386b8272d45c3475b2fafcc6225166d469d76f33f
.exe windows x86

23a80c53509ed5f6c8f0d0432ecf0705

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

libsyss

?ERROR_ask_fail_message@@YAPADH@Z
?SM_sprintf@@YAPADPBDZZ
?CFI_merge_filespec@@YAHPBD0HPAPAD@Z
?SYS_init_basics@@YAHXZ
?ERROR_init_module@@YAXXZ
?ARG_init_module@@YAXHPAPAD@Z
?MET_init@@YAXXZ
?ARG_get_switch@@YAPBDPBDHPAH@Z
?CFI_get_file_type@@YAHPBDPAH@Z
?MET_ask_pvtbl@@YAPAUMET_vtbl_s@@XZ
?CFI_is_ideas_file@@YA_NPBD@Z
?ARG_get_count@@YAHXZ
?ARG_get_argument@@YAPBDH@Z
??0Severe@Error@UGS@@QAE@XZ
?Convert@Severe@Error@UGS@@QAEABVException@23@ABVexception@std@@@Z
?askCode@Exception@Error@UGS@@QBEHXZ
?SM_free@@YAXPAX@Z
?nat110@@YAPADPBD@Z
??1Severe@Error@UGS@@UAE@XZ
?SM_alloc@@YAPAXI@Z
?SM_string_copy@@YAPADPBD@Z
?CFI_open_file@@YAHPBDHHHPAH@Z
?CFI_read_line@@YAHHPAPAD@Z
?SM_realloc@@YAPAXPAXI@Z
?CFI_close_file@@YAHPAHH@Z
?STR_snprintf@@YAHPADIPBDZZ
?ERROR_set_system_log@@YAXPBD@Z
?ERROR_set_log_file_status@@YAXW4ERROR_log_file_status_t@@@Z
?CFI_ask_temporary_directory@@YAPBDXZ
?CFI_create_unique_filename@@YAHPAPAD@Z

libufun

UF_MISC_set_program_name
UF_initialize

msvcr80

_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
strstr
printf
getenv
__RTDynamicCast
__CxxFrameHandler3
memset
??3@YAXPAX@Z
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm

kernel32

IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

?NXSigningResource@@YAXXZ

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23a80c53509ed5f6c8f0d0432ecf0705

Headers

File Characteristics

Imports

libsyss

libufun

msvcr80

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 39KB - Virtual size: 39KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 39KB - Virtual size: 39KB